Provides a resource to create an organization.
resource "aws_organizations_organization" "org" {
  aws_service_access_principals = [
    "cloudtrail.amazonaws.com",
    "config.amazonaws.com",
  ]
  feature_set = "ALL"
}
This resource supports the following arguments:
- aws_service_access_principals - (Optional) List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint; see the warning in the AWS docs.
- enabled_policy_types - (Optional) List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
- feature_set - (Optional) Specify "ALL" (default) or "CONSOLIDATED_BILLING".

This resource exports the following attributes in addition to the arguments above:
- accounts - List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
  - arn - ARN of the account
  - email - Email of the account
  - id - Identifier of the account
  - name - Name of the account
  - status - Current status of the account
- arn - ARN of the organization
- id - Identifier of the organization
- master_account_arn - ARN of the master account
- master_account_email - Email address of the master account
- master_account_id - Identifier of the master account
- master_account_name - Name of the master account
- non_master_accounts - List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
  - arn - ARN of the account
  - email - Email of the account
  - id - Identifier of the account
  - name - Name of the account
  - status - Current status of the account
- roots - List of organization roots. All elements have these attributes:
  - arn - ARN of the root
  - id - Identifier of the root
  - name - Name of the root
  - policy_types - List of policy types enabled for this root. All elements have these attributes:
    - name - The name of the policy type
    - status - The status of the policy type as it relates to the associated root

In Terraform v1.5.0 and later, use an import block to import the AWS organization using the id. For example:
import {
  to = aws_organizations_organization.my_org
  id = "o-1234567"
}
Using terraform import, import the AWS organization using the id. For example:
% terraform import aws_organizations_organization.my_org o-1234567
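
The enabled_policy_types argument and the exported roots and non_master_accounts attributes can be combined to put a guardrail on the whole organization. The following is an added example, not part of the provider documentation; the resource names, policy name and statement are assumptions chosen for illustration:

```hcl
# Added example: names such as "example" and "protect_audit_trail" are hypothetical.
resource "aws_organizations_organization" "example" {
  aws_service_access_principals = [
    "cloudtrail.amazonaws.com",
    "config.amazonaws.com",
  ]

  # SCPs can only be attached once the policy type is enabled on the root,
  # which in turn requires feature_set = "ALL".
  enabled_policy_types = ["SERVICE_CONTROL_POLICY"]
  feature_set          = "ALL"
}

# Constructed guardrail: member accounts may not leave the organization
# or switch off the CloudTrail logging integrated above.
data "aws_iam_policy_document" "protect_audit_trail" {
  statement {
    sid       = "DenyLeaveOrgAndTrailTampering"
    effect    = "Deny"
    resources = ["*"]
    actions = [
      "organizations:LeaveOrganization",
      "cloudtrail:StopLogging",
      "cloudtrail:DeleteTrail",
    ]
  }
}

resource "aws_organizations_policy" "protect_audit_trail" {
  name    = "protect-audit-trail"
  type    = "SERVICE_CONTROL_POLICY"
  content = data.aws_iam_policy_document.protect_audit_trail.json
}

# roots is an exported list; an organization has a single root.
resource "aws_organizations_policy_attachment" "root" {
  policy_id = aws_organizations_policy.protect_audit_trail.id
  target_id = aws_organizations_organization.example.roots[0].id
}

# Review list: member accounts that are not ACTIVE (for example SUSPENDED).
output "inactive_member_accounts" {
  value = [
    for a in aws_organizations_organization.example.non_master_accounts :
    { id = a.id, name = a.name, status = a.status } if a.status != "ACTIVE"
  ]
}
```

Service control policies attached to the root apply to every member account but do not restrict the master account itself, so access to that account still needs its own controls.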