diff --git a/fast/stages-multitenant/0-bootstrap-tenant/README.md b/fast/stages-multitenant/0-bootstrap-tenant/README.md
index 3b0684bf06..a10b808dc5 100644
--- a/fast/stages-multitenant/0-bootstrap-tenant/README.md
+++ b/fast/stages-multitenant/0-bootstrap-tenant/README.md
@@ -204,7 +204,7 @@ This configuration is possible but unsupported and only exists for development p
| [tag_keys](variables.tf#L230) | Organization tag keys. | object({…}) | ✓ | | 1-resman |
| [tag_names](variables.tf#L241) | Customized names for resource management tags. | object({…}) | ✓ | | 1-resman |
| [tag_values](variables.tf#L252) | Organization resource management tag values. | map(string) | ✓ | | 1-resman |
-| [tenant_config](variables.tf#L259) | Tenant configuration. Short name must be 4 characters or less. | object({…}) | ✓ | | |
+| [tenant_config](variables.tf#L259) | Tenant configuration. Short name must be 4 characters or less. If `short_name_is_prefix` is true, short name must be 9 characters or less, and will be used as the prefix as is. | object({…}) | ✓ | | |
| [cicd_repositories](variables.tf#L48) | CI/CD repository configuration. Identity providers reference keys in the `federated_identity_providers` variable. Set to null to disable, or set individual repositories to null if not needed. | object({…}) | | null | |
| [custom_roles](variables.tf#L94) | Custom roles defined at the organization level, in key => id format. | object({…}) | | null | 0-bootstrap |
| [fast_features](variables.tf#L104) | Selective control for top-level FAST features. | object({…}) | | {} | 0-bootstrap |
@@ -216,7 +216,7 @@ This configuration is possible but unsupported and only exists for development p
| [log_sinks](variables.tf#L170) | Tenant-level log sinks, in name => {type, filter} format. | map(object({…})) | | {…} | |
| [outputs_location](variables.tf#L201) | Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable. | string | | null | |
| [project_parent_ids](variables.tf#L217) | Optional parents for projects created here in folders/nnnnnnn format. Null values will use the tenant folder as parent. | object({…}) | | {…} | |
-| [test_principal](variables.tf#L299) | Used when testing to bypass the data source returning the current identity. | string | | null | |
+| [test_principal](variables.tf#L300) | Used when testing to bypass the data source returning the current identity. | string | | null | |
## Outputs
diff --git a/fast/stages-multitenant/0-bootstrap-tenant/main.tf b/fast/stages-multitenant/0-bootstrap-tenant/main.tf
index e4ca74afc8..5f1c630b90 100644
--- a/fast/stages-multitenant/0-bootstrap-tenant/main.tf
+++ b/fast/stages-multitenant/0-bootstrap-tenant/main.tf
@@ -32,7 +32,7 @@ locals {
for k, v in var.tenant_config.locations :
k => v == null || v == [] ? var.locations[k] : v
}
- prefix = join("-", compact([var.prefix, var.tenant_config.short_name]))
+ prefix = var.tenant_config.short_name_is_prefix ? var.tenant_config.short_name : join("-", compact([var.prefix, var.tenant_config.short_name]))
resman_sa = (
var.test_principal == null
? data.google_client_openid_userinfo.resman-sa.0.email
diff --git a/fast/stages-multitenant/0-bootstrap-tenant/variables.tf b/fast/stages-multitenant/0-bootstrap-tenant/variables.tf
index aa90f400f2..718818eae9 100644
--- a/fast/stages-multitenant/0-bootstrap-tenant/variables.tf
+++ b/fast/stages-multitenant/0-bootstrap-tenant/variables.tf
@@ -257,7 +257,7 @@ variable "tag_values" {
}
variable "tenant_config" {
- description = "Tenant configuration. Short name must be 4 characters or less."
+ description = "Tenant configuration. Short name must be 4 characters or less. If `short_name_is_prefix` is true, short name must be 9 characters or less, and will be used as the prefix as is."
type = object({
descriptive_name = string
groups = object({
@@ -266,7 +266,8 @@ variable "tenant_config" {
gcp-network-admins = optional(string)
gcp-security-admins = optional(string)
})
- short_name = string
+ short_name = string
+ short_name_is_prefix = optional(bool, false)
fast_features = optional(object({
data_platform = optional(bool)
gke = optional(bool)
@@ -290,7 +291,7 @@ variable "tenant_config" {
error_message = "Non-optional members must not be null."
}
validation {
- condition = length(var.tenant_config.short_name) < 5
+ condition = (var.tenant_config.short_name_is_prefix && length(var.tenant_config.short_name) < 10) || length(var.tenant_config.short_name) < 5
error_message = "Short name must be a string of 4 characters or less."
}
}