feat: Add support for path in iam-group-with-assumable-roles-policy (#345)

Author: lesinigo

modules/iam-group-with-assumable-roles-policy/README.md

@@ -37,6 +37,7 @@ No modules.
 | <a name="input_assumable_roles"></a> [assumable\_roles](#input\_assumable\_roles) | List of IAM roles ARNs which can be assumed by the group | `list(string)` | `[]` | no |
 | <a name="input_group_users"></a> [group\_users](#input\_group\_users) | List of IAM users to have in an IAM group which can assume the role | `list(string)` | `[]` | no |
 | <a name="input_name"></a> [name](#input\_name) | Name of IAM policy and IAM group | `string` | n/a | yes |
+| <a name="input_path"></a> [path](#input\_path) | Path of IAM policy and IAM group | `string` | `"/"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | A map of tags to add to all resources. | `map(string)` | `{}` | no |
 
 ## Outputs

modules/iam-group-with-assumable-roles-policy/main.tf

@@ -8,6 +8,7 @@ data "aws_iam_policy_document" "assume_role" {
 
 resource "aws_iam_policy" "this" {
   name        = var.name
+  path        = var.path
   description = "Allows to assume role in another AWS account"
   policy      = data.aws_iam_policy_document.assume_role.json
 
@@ -16,6 +17,7 @@ resource "aws_iam_policy" "this" {
 
 resource "aws_iam_group" "this" {
   name = var.name
+  path = var.path
 }
 
 resource "aws_iam_group_policy_attachment" "this" {

modules/iam-group-with-assumable-roles-policy/variables.tf

@@ -3,6 +3,12 @@ variable "name" {
   type        = string
 }
 
+variable "path" {
+  description = "Path of IAM policy and IAM group"
+  type        = string
+  default     = "/"
+}
+
 variable "assumable_roles" {
   description = "List of IAM roles ARNs which can be assumed by the group"
   type        = list(string)