Feature aws identity center sso (#36)

* cleanup of github issue templates

* initial commit and configuration

* initial configuration of permission set and policies

* Continuous Integration - terraform fmt and terraform-docs

* added group

* Continuous Integration - terraform fmt and terraform-docs

* corrected data instance

* for_each toset()

* converting to a map of objects

* Continuous Integration - terraform fmt and terraform-docs

* added group readme information and description

* added group lookup and account assignment

* Continuous Integration - terraform fmt and terraform-docs

* added list of accounts and removed unused data source

* Continuous Integration - terraform fmt and terraform-docs

* adding example into the target_accounts variable

* had another example to rename

* each.key instead of each.groups

* testing manual key for now

* added logic for for_each to assignments

* Continuous Integration - terraform fmt and terraform-docs

* changed groups from list to set

* Continuous Integration - terraform fmt and terraform-docs

* changed assignments logic toset()

* improvement to logic for assignments by creating key/value pairs for each permission set

* added group_name for easier identification and keys

* added assignment_ids output

* Continuous Integration - terraform fmt and terraform-docs

* updated example and fixed output argument

* added examples for the readme

* added name and description in readme

* updated the outputs data structure

* Continuous Integration - terraform fmt and terraform-docs

* unique output test

* adding user

* Continuous Integration - terraform fmt and terraform-docs

* added additional email and phone arguments

* Continuous Integration - terraform fmt and terraform-docs

* added local to simplify the identity_store_id

* updated user example

---------

Co-authored-by: zachreborn <[email protected]>

.github/ISSUE_TEMPLATE/terraform-bug.md

@@ -1,10 +1,9 @@
 ---
-name: Terraform Bug
+name: Bug
 about: Bug template for tracking issues, next steps, and solutions.
 title: ''
 labels: bug
 assignees: zachreborn
-
 ---
 
 ### Describe the bug
@@ -29,5 +28,5 @@ Description of solution, leave blank if not yet found.
 ### Confirmation
 Confirmation that proposed solution is successful. 
 
-### Next Steps
-[] Step 1...
+### Current Workaround
+A clear and concise description of any alternative solutions or features you've considered.

.github/ISSUE_TEMPLATE/terraform-feature-request.md

@@ -1,10 +1,9 @@
 ---
-name: Terraform Feature Request
+name: Feature Request
 about: Feature template for tracking issues, next steps, and solutions.
 title: ''
 labels: feature
 assignees: zachreborn
-
 ---
 
 ### Describe the feature
@@ -16,15 +15,8 @@ Does it require modifying an existing module or adding a new module?
 What will be the most scalable, repeatable way to create and add/edit/modify this feature?
 What is the desired outcome?
 
-### Severity/Priority
-What is the severify or impact of needing this feature?
-What is the priority we should consider when making this, such as high/low/medium?
-
 ### Examples
 Example branches/successful runs/working versions demonstrating this prior to completion.
 
 ### Confirmation
 Confirmation that proposed solution is successful. 
-
-### Next Steps
-[] Step 1...

modules/aws/identity_center/group/README.md

@@ -0,0 +1,172 @@
+<!-- Blank module readme template: Do a search and replace with your text editor for the following: `module_name`, `module_description` -->
+<!-- Improved compatibility of back to top link: See: https://github.com/othneildrew/Best-README-Template/pull/73 -->
+<a name="readme-top"></a>
+
+
+<!-- PROJECT SHIELDS -->
+<!--
+*** I'm using markdown "reference style" links for readability.
+*** Reference links are enclosed in brackets [ ] instead of parentheses ( ).
+*** See the bottom of this document for the declaration of the reference variables
+*** for contributors-url, forks-url, etc. This is an optional, concise syntax you may use.
+*** https://www.markdownguide.org/basic-syntax/#reference-style-links
+-->
+[![Contributors][contributors-shield]][contributors-url]
+[![Forks][forks-shield]][forks-url]
+[![Stargazers][stars-shield]][stars-url]
+[![Issues][issues-shield]][issues-url]
+[![MIT License][license-shield]][license-url]
+[![LinkedIn][linkedin-shield]][linkedin-url]
+
+
+<!-- PROJECT LOGO -->
+<br />
+<div align="center">
+  <a href="https://github.com/zachreborn/terraform-modules">
+    <img src="/images/terraform_modules_logo.webp" alt="Logo" width="300" height="300">
+  </a>
+
+<h3 align="center">Identity Center Group</h3>
+  <p align="center">
+    This module creates a group in AWS Identity Center (formerly AWS SSO). These groups are then utilized to manage permissions to accounts or applications.
+    <br />
+    <a href="https://github.com/zachreborn/terraform-modules"><strong>Explore the docs »</strong></a>
+    <br />
+    <br />
+    <a href="https://zacharyhill.co">Zachary Hill</a>
+    ·
+    <a href="https://github.com/zachreborn/terraform-modules/issues">Report Bug</a>
+    ·
+    <a href="https://github.com/zachreborn/terraform-modules/issues">Request Feature</a>
+  </p>
+</div>
+
+
+<!-- TABLE OF CONTENTS -->
+<details>
+  <summary>Table of Contents</summary>
+  <ol>
+    <li><a href="#usage">Usage</a></li>
+    <li><a href="#requirements">Requirements</a></li>
+    <li><a href="#providers">Providers</a></li>
+    <li><a href="#modules">Modules</a></li>
+    <li><a href="#Resources">Resources</a></li>
+    <li><a href="#inputs">Inputs</a></li>
+    <li><a href="#outputs">Outputs</a></li>
+    <li><a href="#license">License</a></li>
+    <li><a href="#contact">Contact</a></li>
+    <li><a href="#acknowledgments">Acknowledgments</a></li>
+  </ol>
+</details>
+
+
+<!-- USAGE EXAMPLES -->
+## Usage
+### Simple Example
+This example creates groups managed by terraform. Note, we recommend using an IAM platform like AWS SSO, Microsoft Entra ID, or Okta as your IDP to manage groups and users automatically.
+```
+module "groups" {
+  source = "github.com/zachreborn/terraform-modules//modules/aws/identity_center/group"
+  groups = {
+    "admins" = {
+      display_name = "admins"
+      description  = "Admins from my domains"
+    },
+    "terraform" = {
+      display_name = "terraform"
+      description  = "Terraform users for CI/CD deployment"
+    }
+  }
+}
+```
+
+_For more examples, please refer to the [Documentation](https://github.com/zachreborn/terraform-modules)_
+
+<p align="right">(<a href="#readme-top">back to top</a>)</p>
+
+<!-- terraform-docs output will be input automatically below-->
+<!-- terraform-docs markdown table --output-file README.md --output-mode inject .-->
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.0.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.0.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_identitystore_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/identitystore_group) | resource |
+| [aws_ssoadmin_instances.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssoadmin_instances) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_groups"></a> [groups](#input\_groups) | (Required) The list of groups to create. | <pre>map(object({<br>    display_name = string # (Required) The friendly name to identify the group.<br>    description  = string # (Optional) The description of the group.<br>  }))</pre> | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_group_ids"></a> [group\_ids](#output\_group\_ids) | The IDs of the groups in the identity store |
+<!-- END_TF_DOCS -->
+
+<!-- LICENSE -->
+## License
+
+Distributed under the MIT License. See `LICENSE.txt` for more information.
+
+<p align="right">(<a href="#readme-top">back to top</a>)</p>
+
+
+
+<!-- CONTACT -->
+## Contact
+
+Zachary Hill - [![LinkedIn][linkedin-shield]][linkedin-url] - [email protected]
+
+Project Link: [https://github.com/zachreborn/terraform-modules](https://github.com/zachreborn/terraform-modules)
+
+<p align="right">(<a href="#readme-top">back to top</a>)</p>
+
+
+
+<!-- ACKNOWLEDGMENTS -->
+## Acknowledgments
+
+* [Zachary Hill](https://zacharyhill.co)
+* [Jake Jones](https://github.com/jakeasarus)
+
+<p align="right">(<a href="#readme-top">back to top</a>)</p>
+
+
+<!-- MARKDOWN LINKS & IMAGES -->
+<!-- https://www.markdownguide.org/basic-syntax/#reference-style-links -->
+[contributors-shield]: https://img.shields.io/github/contributors/zachreborn/terraform-modules.svg?style=for-the-badge
+[contributors-url]: https://github.com/zachreborn/terraform-modules/graphs/contributors
+[forks-shield]: https://img.shields.io/github/forks/zachreborn/terraform-modules.svg?style=for-the-badge
+[forks-url]: https://github.com/zachreborn/terraform-modules/network/members
+[stars-shield]: https://img.shields.io/github/stars/zachreborn/terraform-modules.svg?style=for-the-badge
+[stars-url]: https://github.com/zachreborn/terraform-modules/stargazers
+[issues-shield]: https://img.shields.io/github/issues/zachreborn/terraform-modules.svg?style=for-the-badge
+[issues-url]: https://github.com/zachreborn/terraform-modules/issues
+[license-shield]: https://img.shields.io/github/license/zachreborn/terraform-modules.svg?style=for-the-badge
+[license-url]: https://github.com/zachreborn/terraform-modules/blob/master/LICENSE.txt
+[linkedin-shield]: https://img.shields.io/badge/-LinkedIn-black.svg?style=for-the-badge&logo=linkedin&colorB=555
+[linkedin-url]: https://www.linkedin.com/in/zachary-hill-5524257a/
+[product-screenshot]: /images/screenshot.webp
+[Terraform.io]: https://img.shields.io/badge/Terraform-7B42BC?style=for-the-badge&logo=terraform
+[Terraform-url]: https://terraform.io

modules/aws/identity_center/group/main.tf

@@ -0,0 +1,37 @@
+###########################
+# Provider Configuration
+###########################
+terraform {
+  required_version = ">= 1.0.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.0.0"
+    }
+  }
+}
+
+###########################
+# Data Sources
+###########################
+
+data "aws_ssoadmin_instances" "this" {}
+
+###########################
+# Locals
+###########################
+
+locals {
+  identity_store_id = tolist(data.aws_ssoadmin_instances.this.identity_store_ids)[0]
+}
+
+###########################
+# Module Configuration
+###########################
+
+resource "aws_identitystore_group" "this" {
+  for_each          = var.groups
+  description       = each.value.description
+  display_name      = each.value.display_name
+  identity_store_id = local.identity_store_id
+}

modules/aws/identity_center/group/outputs.tf

@@ -0,0 +1,7 @@
+output "group_ids" {
+  description = "The IDs of the groups in the identity store"
+  value = {
+    for group in aws_identitystore_group.this :
+    group.display_name => group.id
+  }
+}

modules/aws/identity_center/group/variables.tf

@@ -0,0 +1,18 @@
+variable "groups" {
+  description = "(Required) The list of groups to create."
+  type = map(object({
+    display_name = string # (Required) The friendly name to identify the group.
+    description  = string # (Optional) The description of the group.
+  }))
+  # Example
+  # groups = {
+  #   "Administrators" = {
+  #     display_name = "Administrators"
+  #     description  = "The group for the administrators of the application."
+  #   },
+  #   "Users" = {
+  #     display_name = "Users"
+  #     description  = "The group for the users of the application."
+  #   }
+  # }
+}