Manages the Detective Organization Configuration in the current AWS Region. The AWS account utilizing this resource must have been assigned as a delegated Organization administrator account, e.g., via the aws_detective_organization_admin_account resource. More information about Organizations support in Detective can be found in the Detective User Guide.
# aws_detective_graph accepts no arguments other than optional tags.
resource "aws_detective_graph" "example" {}

resource "aws_detective_organization_configuration" "example" {
  auto_enable = true
  graph_arn   = aws_detective_graph.example.id
}
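The delegated-administrator prerequisite described above, wired together with two provider aliases. This is an added example, not part of the provider's own documentation; the profile names, the Region and the account ID are placeholders, and it assumes the organization already has trusted access enabled for detective.amazonaws.com.

```terraform
# Added example. Profile names, Region and account ID are placeholders.
provider "aws" {
  alias   = "management"
  region  = "us-east-1"
  profile = "org-management" # assumed CLI profile: Organizations management account
}

provider "aws" {
  alias   = "security"
  region  = "us-east-1"      # same Region: this configuration is per Region
  profile = "security-admin" # assumed CLI profile: delegated administrator account
}

# Management account: designate the Detective delegated administrator.
resource "aws_detective_organization_admin_account" "this" {
  provider   = aws.management
  account_id = "123456789012" # placeholder: ID of the security account
}

# Delegated administrator account: behavior graph for this Region.
resource "aws_detective_graph" "this" {
  provider = aws.security
}

# Delegated administrator account: enroll new organization accounts automatically.
resource "aws_detective_organization_configuration" "this" {
  provider    = aws.security
  auto_enable = true
  graph_arn   = aws_detective_graph.this.graph_arn

  # The configuration call is only accepted once the delegation exists.
  depends_on = [aws_detective_organization_admin_account.this]
}
```

The explicit depends_on matters because the two resources use different credentials, so Terraform cannot infer the ordering from references alone.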
The following arguments are supported:
auto_enable
- (Required) When this setting is enabled, all new accounts that are created in, or added to, the organization are added as member accounts of the organization’s Detective delegated administrator and Detective is enabled in that AWS Region.
graph_arn
- (Required) ARN of the behavior graph.
This resource exports the following attributes in addition to the arguments above:
id
- Identifier of the Detective Graph.
In Terraform v1.5.0 and later, use an import block to import aws_detective_organization_configuration using the Detective Graph ID. For example:
import {
  to = aws_detective_organization_configuration.example
  id = "00b00fd5aecc0ab60a708659477e9617"
}
Using terraform import, import aws_detective_organization_configuration using the Detective Graph ID. For example:
% terraform import aws_detective_organization_configuration.example 00b00fd5aecc0ab60a708659477e9617