[IT-4031] Add openchallenges developer SSO access (#1304)

Setup developer access to AWS org-sagebase-openchallenges-dev account.

org-formation/700-aws-sso/_tasks.yaml

@@ -313,6 +313,10 @@ Parameters:
     Type: String
     Default: '2448e4e8-50b1-70e5-def0-07e0f4fcd60e'
 
+  OpenchallengesDevDeveloperGroup:     # JC aws-openchallenges-dev-developers
+    Type: String
+    Default: '44183438-a051-7070-f706-284ffd41907b'
+
   OpenchallengesDevAdminGroup:     # JC aws-openchallenges-dev-admins
     Type: String
     Default: 'e4388458-2011-7096-3f98-3a6eeb10e458'
@@ -2164,6 +2168,23 @@ SsoItsandboxDeveloper:
     principalId: !Ref itsandboxDeveloperGroup
     permissionSetArn: !CopyValue [ !Sub '${resourcePrefix}-${appName}-developer-permission-set-arn' ]
 
+SsoOpenchallengesDevDeveloper:
+  Type: update-stacks
+  DependsOn: SsoDeveloper
+  Template: https://raw.githubusercontent.com/Sage-Bionetworks/aws-infra/v0.3.8/templates/SSO/aws-sso.yaml
+  StackName: !Sub '${resourcePrefix}-${appName}-openchallenges-dev-developer'
+  StackDescription: 'SSO: Developer role used by openchallenges developer group'
+  DefaultOrganizationBindingRegion: !Ref primaryRegion
+  DefaultOrganizationBinding:
+    IncludeMasterAccount: true
+  OrganizationBindings:
+    TargetBinding:
+      Account: !Ref OpenChallengesDevAccount
+  Parameters:
+    instanceArn: !Ref instanceArn
+    principalId: !Ref OpenchallengesDevDeveloperGroup
+    permissionSetArn: !CopyValue [ !Sub '${resourcePrefix}-${appName}-developer-permission-set-arn' ]
+
 SsoOpenchallengesDevAdmin:
   Type: update-stacks
   DependsOn: SsoAdministrator