» Data Source: aws_organizations_organization
Get information about the organization that the user's account belongs to.
» Example Usage
» List all account IDs for the organization
# Terraform 0.12 syntax
data "aws_organizations_organization" "example" {}

output "account_ids" {
  value = data.aws_organizations_organization.example.accounts[*].id
}
» SNS topic that only the organization can interact with
data "aws_organizations_organization" "example" {}

resource "aws_sns_topic" "sns_topic" {
  name = "my-sns-topic"
}

resource "aws_sns_topic_policy" "sns_topic_policy" {
  arn    = "${aws_sns_topic.sns_topic.arn}"
  policy = "${data.aws_iam_policy_document.sns_topic_policy.json}"
}

data "aws_iam_policy_document" "sns_topic_policy" {
  statement {
    effect = "Allow"

    actions = [
      "SNS:Subscribe",
      "SNS:Publish",
    ]

    # The condition is the only restriction here: without it, the wildcard
    # principal below would match callers from any AWS account.
    condition {
      test     = "StringEquals"
      variable = "aws:PrincipalOrgID"

      values = [
        "${data.aws_organizations_organization.example.id}",
      ]
    }

    principals {
      type        = "AWS"
      identifiers = ["*"]
    }

    resources = [
      "${aws_sns_topic.sns_topic.arn}",
    ]
  }
}
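The policy above relies entirely on the aws:PrincipalOrgID condition to constrain the "*" principal. The following Python check is an added example, not part of the original documentation: it scans rendered policy JSON for Allow statements with a wildcard principal that are not pinned to the expected organization ID (the function names, Sids, account ID and the org ID o-exampleorgid are constructed placeholders).

```python
import json

# Operators that require the key to be present and equal (assumption: a
# conservative allow-list; anything else is reported for manual review).
PINNING_OPERATORS = {"StringEquals", "StringEqualsIgnoreCase"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_wildcard_principal(principal):
    if isinstance(principal, dict):
        return any("*" in _as_list(ids) for ids in principal.values())
    return principal == "*"

def _pinned_to_org(condition, org_id):
    for operator, keys in (condition or {}).items():
        if operator not in PINNING_OPERATORS:
            continue  # e.g. StringEqualsIfExists is true when the key is absent
        for key, values in keys.items():
            allowed = _as_list(values)
            if (key.lower() == "aws:principalorgid" and allowed
                    and all(v == org_id for v in allowed)):
                return True
    return False

def open_statements(policy_json, org_id):
    """Return Sids of Allow statements open to "*" without an org pin."""
    findings = []
    statements = _as_list(json.loads(policy_json).get("Statement", []))
    for index, stmt in enumerate(statements):
        if (stmt.get("Effect") == "Allow"
                and _is_wildcard_principal(stmt.get("Principal"))
                and not _pinned_to_org(stmt.get("Condition"), org_id)):
            findings.append(stmt.get("Sid") or f"statement[{index}]")
    return findings

# Constructed sample: org ID, account ID and Sids are placeholders.
_BASE = {"Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": ["SNS:Subscribe", "SNS:Publish"],
         "Resource": "arn:aws:sns:us-east-1:111122223333:my-sns-topic"}
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {**_BASE, "Sid": "OrgOnly",
     "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}}},
    {**_BASE, "Sid": "IfExists",
     "Condition": {"StringEqualsIfExists": {"aws:PrincipalOrgID": "o-exampleorgid"}}},
    {**_BASE, "Sid": "NoCondition"},
]})

if __name__ == "__main__":
    print(open_statements(SAMPLE_POLICY, "o-exampleorgid"))
```

The IfExists statement is reported because aws:PrincipalOrgID is only present in the request context for principals that belong to an organization, so an IfExists operator evaluates to true for callers outside any organization.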
» Argument Reference
There are no arguments available for this data source.
» Attributes Reference
In addition to all arguments above, the following attributes are exported:
arn - The Amazon Resource Name (ARN) of the organization.
feature_set - The FeatureSet of the organization.
id - The ID of the organization.
master_account_arn - The Amazon Resource Name (ARN) of the account that is designated as the master account for the organization.
master_account_email - The email address that is associated with the AWS account that is designated as the master account for the organization.
master_account_id - The unique identifier (ID) of the master account of an organization.
» Master Account Attributes Reference
If the account is the master account for the organization, the following attributes are also exported:
accounts - List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
aws_service_access_principals - A list of AWS service principal names that have integration enabled with your organization. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.
enabled_policy_types - A list of Organizations policy types that are enabled in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g. SERVICE_CONTROL_POLICY), see the AWS Organizations API Reference.
non_master_accounts - List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots - List of organization roots. All elements have these attributes: