awslabs / ssosync

Populate AWS SSO directly with your G Suite users and groups using either a CLI or AWS Lambda
Apache License 2.0

Exclude manually created Identity Center Groups #141

Closed yesteph closed 5 months ago

yesteph commented 1 year ago

Is your feature request related to a problem? Please describe.

In conjunction with Google Workspace groups, we have some Identity Center groups that have been manually created. We need them because, in addition to Google Workspace administrators, we have AWS administrators who run some infrastructure as code to provision groups and permission sets.

Right now, SSOSync deletes all the groups in Identity Center which are not present on the Google Workspace side.

Describe the solution you'd like

Add an option to preserve Identity Center groups that are not related to Google Workspace ones.

If true, this option must make SSOSync keep manually created AWS Identity Center groups and only delete SCIM-synced groups.

yesteph commented 1 year ago

It is not so easy to retrieve whether an Identity Center group was created manually or via SCIM.

An alternative is to apply a regular expression to the existing AWS groups, to exclude them from the list of groups considered during a sync.
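The regular-expression exclusion proposed above, worked through as an added Go example (this is not ssosync's own code; the `Group` type, the `GroupsToDelete` function and the sample group names are assumptions constructed for illustration). It computes the set of AWS-side groups that would be deleted, skipping any whose display name matches the exclusion pattern, so that manually provisioned groups survive a sync while SCIM-managed ones that vanished from Google Workspace are still removed.

```go
package main

import (
	"fmt"
	"regexp"
	"sort"
)

// Group is a minimal stand-in for an Identity Center group record.
// The field names are assumptions for this example, not ssosync's types.
type Group struct {
	ID          string
	DisplayName string
}

// GroupsToDelete returns the AWS-side groups that are absent from Google
// Workspace AND whose display name does not match excludePattern.
// An empty excludePattern disables exclusion, i.e. the current behaviour
// where every AWS group missing from Google is deleted.
// The pattern is compiled once and an invalid pattern is an error rather
// than a silent "exclude nothing", so a typo cannot cause mass deletion.
func GroupsToDelete(awsGroups []Group, googleGroupNames []string, excludePattern string) ([]Group, error) {
	var exclude *regexp.Regexp
	if excludePattern != "" {
		re, err := regexp.Compile(excludePattern)
		if err != nil {
			return nil, fmt.Errorf("invalid exclusion pattern %q: %w", excludePattern, err)
		}
		exclude = re
	}

	inGoogle := make(map[string]bool, len(googleGroupNames))
	for _, n := range googleGroupNames {
		inGoogle[n] = true
	}

	var toDelete []Group
	for _, g := range awsGroups {
		if inGoogle[g.DisplayName] {
			continue // still exists in Google Workspace: keep and sync
		}
		if exclude != nil && exclude.MatchString(g.DisplayName) {
			continue // manually managed group: preserve it
		}
		toDelete = append(toDelete, g)
	}
	// Deterministic order makes dry-run output easy to diff between runs.
	sort.Slice(toDelete, func(i, j int) bool { return toDelete[i].DisplayName < toDelete[j].DisplayName })
	return toDelete, nil
}

func main() {
	// Constructed sample data: three AWS groups, one of which is also in Google.
	aws := []Group{
		{ID: "g-1", DisplayName: "engineering"},
		{ID: "g-2", DisplayName: "aws-admins"},
		{ID: "g-3", DisplayName: "aws-platform-iac"},
		{ID: "g-4", DisplayName: "old-team"},
	}
	google := []string{"engineering", "sales"}

	// Anchored pattern: only names that START with "aws-" are protected.
	del, err := GroupsToDelete(aws, google, `^aws-`)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for _, g := range del {
		fmt.Printf("would delete %s (%s)\n", g.DisplayName, g.ID)
	}
}
```

The pattern is anchored with `^` on purpose: an unanchored `aws-` would also protect a SCIM-managed group such as `legacy-aws-migration`, which would then never be cleaned up. Running the sync with the computed list printed rather than applied (a dry run) is the cheapest way to check that the pattern protects exactly the intended groups before any deletion is enabled.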

ChrisPates commented 10 months ago

Indeed, I like the idea. However, we will need to rework it so that all user and group creations go via SCIM and not the IdentityStore API, to allow it to distinguish them.

ChrisPates commented 5 months ago

This item has been merged into a more complete feature request, Configurable handling of 'manually created' Users/Groups in IAM Identity Center #179; please review and provide feedback on that item.