Organization

Provides a resource to create an organization.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var org = new Aws.Organizations.Organization("org", new Aws.Organizations.OrganizationArgs
        {
            AwsServiceAccessPrincipals = 
            {
                "cloudtrail.amazonaws.com",
                "config.amazonaws.com",
            },
            FeatureSet = "ALL",
        });
    }

}

package main

import (
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/organizations"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := organizations.NewOrganization(ctx, "org", &organizations.OrganizationArgs{
            AwsServiceAccessPrincipals: pulumi.StringArray{
                pulumi.String("cloudtrail.amazonaws.com"),
                pulumi.String("config.amazonaws.com"),
            },
            FeatureSet: pulumi.String("ALL"),
        })
        if err != nil {
            return err
        }
        return nil
    })
}

import pulumi
import pulumi_aws as aws

org = aws.organizations.Organization("org",
    aws_service_access_principals=[
        "cloudtrail.amazonaws.com",
        "config.amazonaws.com",
    ],
    feature_set="ALL")

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const org = new aws.organizations.Organization("org", {
    awsServiceAccessPrincipals: [
        "cloudtrail.amazonaws.com",
        "config.amazonaws.com",
    ],
    featureSet: "ALL",
});

Create a Organization Resource

new Organization(name: string, args?: OrganizationArgs, opts?: CustomResourceOptions);

def Organization(resource_name, opts=None, aws_service_access_principals=None, enabled_policy_types=None, feature_set=None, __props__=None);

func NewOrganization(ctx *Context, name string, args *OrganizationArgs, opts ...ResourceOption) (*Organization, error)

public Organization(string name, OrganizationArgs? args = null, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args OrganizationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args OrganizationArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args OrganizationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

Organization Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The Organization resource accepts the following input properties:

AwsServiceAccessPrincipals List<string>: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.
EnabledPolicyTypes List<string>: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g. SERVICE_CONTROL_POLICY and TAG_POLICY), see the AWS Organizations API Reference.
FeatureSet string: Specify “ALL” (default) or “CONSOLIDATED_BILLING”.

AwsServiceAccessPrincipals []string: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.
EnabledPolicyTypes []string: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g. SERVICE_CONTROL_POLICY and TAG_POLICY), see the AWS Organizations API Reference.
FeatureSet string: Specify “ALL” (default) or “CONSOLIDATED_BILLING”.

awsServiceAccessPrincipals string[]: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.
enabledPolicyTypes string[]: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g. SERVICE_CONTROL_POLICY and TAG_POLICY), see the AWS Organizations API Reference.
featureSet string: Specify “ALL” (default) or “CONSOLIDATED_BILLING”.

aws_service_access_principals List[str]: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.
enabled_policy_types List[str]: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g. SERVICE_CONTROL_POLICY and TAG_POLICY), see the AWS Organizations API Reference.
feature_set str: Specify “ALL” (default) or “CONSOLIDATED_BILLING”.

Outputs

All input properties are implicitly available as output properties. Additionally, the Organization resource produces the following output properties:

Accounts List<OrganizationAccount>: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
Arn string: ARN of the root
Id string: The provider-assigned unique ID for this managed resource.
MasterAccountArn string: ARN of the master account
MasterAccountEmail string: Email address of the master account
MasterAccountId string: Identifier of the master account
NonMasterAccounts List<OrganizationNonMasterAccount>: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
Roots List<OrganizationRoot>: List of organization roots. All elements have these attributes:

Accounts []OrganizationAccount: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
Arn string: ARN of the root
Id string: The provider-assigned unique ID for this managed resource.
MasterAccountArn string: ARN of the master account
MasterAccountEmail string: Email address of the master account
MasterAccountId string: Identifier of the master account
NonMasterAccounts []OrganizationNonMasterAccount: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
Roots []OrganizationRoot: List of organization roots. All elements have these attributes:

accounts OrganizationAccount[]: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn string: ARN of the root
id string: The provider-assigned unique ID for this managed resource.
masterAccountArn string: ARN of the master account
masterAccountEmail string: Email address of the master account
masterAccountId string: Identifier of the master account
nonMasterAccounts OrganizationNonMasterAccount[]: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots OrganizationRoot[]: List of organization roots. All elements have these attributes:

accounts List[OrganizationAccount]: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn str: ARN of the root
id str: The provider-assigned unique ID for this managed resource.
master_account_arn str: ARN of the master account
master_account_email str: Email address of the master account
master_account_id str: Identifier of the master account
non_master_accounts List[OrganizationNonMasterAccount]: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots List[OrganizationRoot]: List of organization roots. All elements have these attributes:

Look up an Existing Organization Resource

Get an existing Organization resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: OrganizationState, opts?: CustomResourceOptions): Organization

static get(resource_name, id, opts=None, accounts=None, arn=None, aws_service_access_principals=None, enabled_policy_types=None, feature_set=None, master_account_arn=None, master_account_email=None, master_account_id=None, non_master_accounts=None, roots=None, __props__=None);

func GetOrganization(ctx *Context, name string, id IDInput, state *OrganizationState, opts ...ResourceOption) (*Organization, error)

public static Organization Get(string name, Input<string> id, OrganizationState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Accounts List<OrganizationAccountArgs>: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
Arn string: ARN of the root
AwsServiceAccessPrincipals List<string>: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.
EnabledPolicyTypes List<string>: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g. SERVICE_CONTROL_POLICY and TAG_POLICY), see the AWS Organizations API Reference.
FeatureSet string: Specify “ALL” (default) or “CONSOLIDATED_BILLING”.
MasterAccountArn string: ARN of the master account
MasterAccountEmail string: Email address of the master account
MasterAccountId string: Identifier of the master account
NonMasterAccounts List<OrganizationNonMasterAccountArgs>: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
Roots List<OrganizationRootArgs>: List of organization roots. All elements have these attributes:

Accounts []OrganizationAccount: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
Arn string: ARN of the root
AwsServiceAccessPrincipals []string: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.
EnabledPolicyTypes []string: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g. SERVICE_CONTROL_POLICY and TAG_POLICY), see the AWS Organizations API Reference.
FeatureSet string: Specify “ALL” (default) or “CONSOLIDATED_BILLING”.
MasterAccountArn string: ARN of the master account
MasterAccountEmail string: Email address of the master account
MasterAccountId string: Identifier of the master account
NonMasterAccounts []OrganizationNonMasterAccount: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
Roots []OrganizationRoot: List of organization roots. All elements have these attributes:

accounts OrganizationAccount[]: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn string: ARN of the root
awsServiceAccessPrincipals string[]: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.
enabledPolicyTypes string[]: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g. SERVICE_CONTROL_POLICY and TAG_POLICY), see the AWS Organizations API Reference.
featureSet string: Specify “ALL” (default) or “CONSOLIDATED_BILLING”.
masterAccountArn string: ARN of the master account
masterAccountEmail string: Email address of the master account
masterAccountId string: Identifier of the master account
nonMasterAccounts OrganizationNonMasterAccount[]: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots OrganizationRoot[]: List of organization roots. All elements have these attributes:

accounts List[OrganizationAccount]: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn str: ARN of the root
aws_service_access_principals List[str]: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.
enabled_policy_types List[str]: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g. SERVICE_CONTROL_POLICY and TAG_POLICY), see the AWS Organizations API Reference.
feature_set str: Specify “ALL” (default) or “CONSOLIDATED_BILLING”.
master_account_arn str: ARN of the master account
master_account_email str: Email address of the master account
master_account_id str: Identifier of the master account
non_master_accounts List[OrganizationNonMasterAccount]: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots List[OrganizationRoot]: List of organization roots. All elements have these attributes:

Supporting Types

OrganizationAccount

See the output API doc for this type.

Arn string: ARN of the root
Email string: Email of the account
Id string: Identifier of the root
Name string: The name of the policy type
Status string: The status of the policy type as it relates to the associated root

Arn string: ARN of the root
Email string: Email of the account
Id string: Identifier of the root
Name string: The name of the policy type
Status string: The status of the policy type as it relates to the associated root

arn string: ARN of the root
email string: Email of the account
id string: Identifier of the root
name string: The name of the policy type
status string: The status of the policy type as it relates to the associated root

arn str: ARN of the root
email str: Email of the account
id str: Identifier of the root
name str: The name of the policy type
status str: The status of the policy type as it relates to the associated root

OrganizationNonMasterAccount

See the output API doc for this type.

Arn string: ARN of the root
Email string: Email of the account
Id string: Identifier of the root
Name string: The name of the policy type
Status string: The status of the policy type as it relates to the associated root

Arn string: ARN of the root
Email string: Email of the account
Id string: Identifier of the root
Name string: The name of the policy type
Status string: The status of the policy type as it relates to the associated root

arn string: ARN of the root
email string: Email of the account
id string: Identifier of the root
name string: The name of the policy type
status string: The status of the policy type as it relates to the associated root

arn str: ARN of the root
email str: Email of the account
id str: Identifier of the root
name str: The name of the policy type
status str: The status of the policy type as it relates to the associated root

OrganizationRoot

See the output API doc for this type.

Arn string: ARN of the root
Id string: Identifier of the root
Name string: The name of the policy type
PolicyTypes List<OrganizationRootPolicyTypeArgs>: List of policy types enabled for this root. All elements have these attributes:

Arn string: ARN of the root
Id string: Identifier of the root
Name string: The name of the policy type
PolicyTypes []OrganizationRootPolicyType: List of policy types enabled for this root. All elements have these attributes:

arn string: ARN of the root
id string: Identifier of the root
name string: The name of the policy type
policyTypes OrganizationRootPolicyType[]: List of policy types enabled for this root. All elements have these attributes:

arn str: ARN of the root
id str: Identifier of the root
name str: The name of the policy type
policyTypes List[OrganizationRootPolicyType]: List of policy types enabled for this root. All elements have these attributes:

OrganizationRootPolicyType

See the output API doc for this type.

Status string: The status of the policy type as it relates to the associated root
Type string

Status string: The status of the policy type as it relates to the associated root
Type string

status string: The status of the policy type as it relates to the associated root
type string

status str: The status of the policy type as it relates to the associated root
type str

Package Details

Repository: https://github.com/pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud

Organization

Example Usage

Create a Organization Resource

Organization Resource Properties

Inputs

Outputs

Look up an Existing Organization Resource

Supporting Types

OrganizationAccount

OrganizationNonMasterAccount

OrganizationRoot

OrganizationRootPolicyType

Package Details

On This Page