From 98c7e4da7e92d96bad012f39e07fb97b597346e6 Mon Sep 17 00:00:00 2001
From: Jon Buckley <jbuckley@mozilla.com>
Date: Tue, 29 Jul 2025 11:22:44 -0400
Subject: [PATCH] feat(aws_gke_oidc_role): Add role_path variable

---
 aws_gke_oidc_role/main.tf      | 1 +
 aws_gke_oidc_role/variables.tf | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/aws_gke_oidc_role/main.tf b/aws_gke_oidc_role/main.tf
index f2a5f296..23610675 100644
--- a/aws_gke_oidc_role/main.tf
+++ b/aws_gke_oidc_role/main.tf
@@ -40,6 +40,7 @@ module "iam_assumable_role_for_oidc" {
   version                       = "~> v5.9"
   create_role                   = true
   role_name                     = var.role_name
+  role_path                     = var.role_path
   role_description              = "Role for ${var.gke_cluster_name}/${var.gke_namespace}/${var.gke_service_account} to assume"
   provider_url                  = replace(data.aws_iam_openid_connect_provider.gke_oidc.url, "https://", "")
   role_policy_arns              = var.iam_policy_arns
diff --git a/aws_gke_oidc_role/variables.tf b/aws_gke_oidc_role/variables.tf
index 3c58917b..0dde61b7 100644
--- a/aws_gke_oidc_role/variables.tf
+++ b/aws_gke_oidc_role/variables.tf
@@ -10,6 +10,12 @@ variable "role_name" {
   type        = string
 }
 
+variable "role_path" {
+  default     = null
+  description = "Path of IAM role"
+  type        = string
+}
+
 variable "aws_region" {
   description = "AWS region"
   type        = string