From 21a3a4f6fff3c6dc6b2e20963ecc7f60b5cbc528 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Mon, 30 Oct 2023 14:27:37 -0700
Subject: [PATCH] ipsilon: add SAML2 mapping for aws-openscanhub group

This adds a mapping for a aws-openscanhub group.
See https://pagure.io/fedora-infrastructure/issue/11384 for more info.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 roles/ipsilon/templates/configuration.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/ipsilon/templates/configuration.conf b/roles/ipsilon/templates/configuration.conf
index 2a9a893b85..52dec45db4 100644
--- a/roles/ipsilon/templates/configuration.conf
+++ b/roles/ipsilon/templates/configuration.conf
@@ -5,7 +5,7 @@ global enabled=gssapi,pam
 global enabled = fas
 fas preconfigured=True
 fas aws idp arn=arn:aws:iam::125523088429:saml-provider/id.fedoraproject.org
-fas aws groups=[["aws-master", "arn:aws:iam::125523088429:role/aws-master"], ["aws-iam", "arn:aws:iam::125523088429:role/aws-iam"], ["aws-billing", "arn:aws:iam::125523088429:role/aws-billing"], ["aws-atomic", "arn:aws:iam::125523088429:role/aws-atomic"], ["aws-s3-readonly", "arn:aws:iam::125523088429:role/aws-s3-readonly"], ["aws-fedoramirror", "arn:aws:iam::125523088429:role/aws-fedoramirror"], ["aws-s3", "arn:aws:iam::125523088429:role/aws-s3"], ["aws-cloud-poc", "arn:aws:iam::125523088429:role/aws-cloud-poc"], ["aws-infra", "arn:aws:iam::125523088429:role/aws-infra"], ["aws-docs", "arn:aws:iam::125523088429:role/aws-docs"], ["aws-copr", "arn:aws:iam::125523088429:role/aws-copr"], ["aws-centos", "arn:aws:iam::125523088429:role/aws-centos"], ["aws-min", "arn:aws:iam::125523088429:role/aws-min"], ["aws-fedora-ci", "arn:aws:iam::125523088429:role/aws-fedora-ci"], ["aws-fcos-mgmt", "arn:aws:iam::125523088429:role/aws-fcos-mgmt"], ["aws-qa", "arn:aws:iam::125523088429:role/aws-qa"], ["aws-fcos-s3-readonly", "arn:aws:iam::125523088429:role/aws-fcos-s3-readonly"], ["aws-fpl", "arn:aws:iam::125523088429:role/aws-fpl"]]
+fas aws groups=[["aws-master", "arn:aws:iam::125523088429:role/aws-master"], ["aws-iam", "arn:aws:iam::125523088429:role/aws-iam"], ["aws-billing", "arn:aws:iam::125523088429:role/aws-billing"], ["aws-atomic", "arn:aws:iam::125523088429:role/aws-atomic"], ["aws-s3-readonly", "arn:aws:iam::125523088429:role/aws-s3-readonly"], ["aws-fedoramirror", "arn:aws:iam::125523088429:role/aws-fedoramirror"], ["aws-s3", "arn:aws:iam::125523088429:role/aws-s3"], ["aws-cloud-poc", "arn:aws:iam::125523088429:role/aws-cloud-poc"], ["aws-infra", "arn:aws:iam::125523088429:role/aws-infra"], ["aws-docs", "arn:aws:iam::125523088429:role/aws-docs"], ["aws-copr", "arn:aws:iam::125523088429:role/aws-copr"], ["aws-centos", "arn:aws:iam::125523088429:role/aws-centos"], ["aws-min", "arn:aws:iam::125523088429:role/aws-min"], ["aws-fedora-ci", "arn:aws:iam::125523088429:role/aws-fedora-ci"], ["aws-fcos-mgmt", "arn:aws:iam::125523088429:role/aws-fcos-mgmt"], ["aws-qa", "arn:aws:iam::125523088429:role/aws-qa"], ["aws-fcos-s3-readonly", "arn:aws:iam::125523088429:role/aws-fcos-s3-readonly"], ["aws-fpl", "arn:aws:iam::125523088429:role/aws-fpl"], ["aws-openscanhub", "arn:aws:iam::125523088429:role/aws-openscanhub"]]
 
 [authz_config]
 global enabled=allow