Documentation ¶
Overview ¶
Package organizations exports types, functions, and subpackages for provisioning organizations resources.
> This provider is a derived work of the [Terraform Provider](https://github.com/terraform-providers/terraform-provider-aws) distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature, first check the [`pulumi/pulumi-aws` repo](https://github.com/pulumi/pulumi-aws/issues); however, if that doesn't turn up anything, please consult the source [`terraform-providers/terraform-provider-aws` repo](https://github.com/terraform-providers/terraform-provider-aws/issues).
Index ¶
- type Account
- func (r *Account) Arn() *pulumi.StringOutput
- func (r *Account) Email() *pulumi.StringOutput
- func (r *Account) ID() *pulumi.IDOutput
- func (r *Account) IamUserAccessToBilling() *pulumi.StringOutput
- func (r *Account) JoinedMethod() *pulumi.StringOutput
- func (r *Account) JoinedTimestamp() *pulumi.StringOutput
- func (r *Account) Name() *pulumi.StringOutput
- func (r *Account) ParentId() *pulumi.StringOutput
- func (r *Account) RoleName() *pulumi.StringOutput
- func (r *Account) Status() *pulumi.StringOutput
- func (r *Account) Tags() *pulumi.MapOutput
- func (r *Account) URN() *pulumi.URNOutput
- type AccountArgs
- type AccountState
- type GetOrganizationResult
- type Organization
- func (r *Organization) Accounts() *pulumi.ArrayOutput
- func (r *Organization) Arn() *pulumi.StringOutput
- func (r *Organization) AwsServiceAccessPrincipals() *pulumi.ArrayOutput
- func (r *Organization) EnabledPolicyTypes() *pulumi.ArrayOutput
- func (r *Organization) FeatureSet() *pulumi.StringOutput
- func (r *Organization) ID() *pulumi.IDOutput
- func (r *Organization) MasterAccountArn() *pulumi.StringOutput
- func (r *Organization) MasterAccountEmail() *pulumi.StringOutput
- func (r *Organization) MasterAccountId() *pulumi.StringOutput
- func (r *Organization) NonMasterAccounts() *pulumi.ArrayOutput
- func (r *Organization) Roots() *pulumi.ArrayOutput
- func (r *Organization) URN() *pulumi.URNOutput
- type OrganizationArgs
- type OrganizationState
- type OrganizationalUnit
- func (r *OrganizationalUnit) Accounts() *pulumi.ArrayOutput
- func (r *OrganizationalUnit) Arn() *pulumi.StringOutput
- func (r *OrganizationalUnit) ID() *pulumi.IDOutput
- func (r *OrganizationalUnit) Name() *pulumi.StringOutput
- func (r *OrganizationalUnit) ParentId() *pulumi.StringOutput
- func (r *OrganizationalUnit) URN() *pulumi.URNOutput
- type OrganizationalUnitArgs
- type OrganizationalUnitState
- type Policy
- func (r *Policy) Arn() *pulumi.StringOutput
- func (r *Policy) Content() *pulumi.StringOutput
- func (r *Policy) Description() *pulumi.StringOutput
- func (r *Policy) ID() *pulumi.IDOutput
- func (r *Policy) Name() *pulumi.StringOutput
- func (r *Policy) Type() *pulumi.StringOutput
- func (r *Policy) URN() *pulumi.URNOutput
- type PolicyArgs
- type PolicyAttachment
- type PolicyAttachmentArgs
- type PolicyAttachmentState
- type PolicyState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Account ¶
type Account struct {
// contains filtered or unexported fields
}
Provides a resource to create a member account in the current organization.
> **Note:** Account management must be done from the organization's master account.
> **WARNING:** Deleting this resource will only remove an AWS account from an organization. This provider will not close the account. The member account must be prepared to be a standalone account beforehand. See the [AWS Organizations documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html) for more information.
> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/organizations_account.html.markdown.
func GetAccount ¶
func GetAccount(ctx *pulumi.Context, name string, id pulumi.ID, state *AccountState, opts ...pulumi.ResourceOpt) (*Account, error)
GetAccount gets an existing Account resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAccount ¶
func NewAccount(ctx *pulumi.Context, name string, args *AccountArgs, opts ...pulumi.ResourceOpt) (*Account, error)
NewAccount registers a new resource with the given unique name, arguments, and options.
func (*Account) Email ¶
func (r *Account) Email() *pulumi.StringOutput
The email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.
func (*Account) IamUserAccessToBilling ¶
func (r *Account) IamUserAccessToBilling() *pulumi.StringOutput
If set to `ALLOW`, the new account enables IAM users to access account billing information if they have the required permissions. If set to `DENY`, then only the root user of the new account can access account billing information.
func (*Account) JoinedMethod ¶
func (r *Account) JoinedMethod() *pulumi.StringOutput
func (*Account) JoinedTimestamp ¶
func (r *Account) JoinedTimestamp() *pulumi.StringOutput
func (*Account) Name ¶
func (r *Account) Name() *pulumi.StringOutput
A friendly name for the member account.
func (*Account) ParentId ¶ added in v0.18.4
func (r *Account) ParentId() *pulumi.StringOutput
Parent Organizational Unit ID or Root ID for the account. Defaults to the Organization default Root ID. A configuration must be present for this argument to perform drift detection.
func (*Account) RoleName ¶
func (r *Account) RoleName() *pulumi.StringOutput
The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the master account, allowing users in the master account to assume the role, as permitted by the master account administrator. The role has administrator permissions in the new member account. The Organizations API provides no method for reading this information after account creation, so this provider cannot perform drift detection on its value and will always show a difference for a configured value after import unless [`ignoreChanges`](https://www.terraform.io/docs/configuration/resources.html#ignore_changes) is used.
func (*Account) Status ¶
func (r *Account) Status() *pulumi.StringOutput
type AccountArgs ¶
type AccountArgs struct {
	// The email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.
	Email interface{}
	// If set to `ALLOW`, the new account enables IAM users to access account billing information if they have the required permissions. If set to `DENY`, then only the root user of the new account can access account billing information.
	IamUserAccessToBilling interface{}
	// A friendly name for the member account.
	Name interface{}
	// Parent Organizational Unit ID or Root ID for the account. Defaults to the Organization default Root ID. A configuration must be present for this argument to perform drift detection.
	ParentId interface{}
	// The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the master account, allowing users in the master account to assume the role, as permitted by the master account administrator. The role has administrator permissions in the new member account. The Organizations API provides no method for reading this information after account creation, so this provider cannot perform drift detection on its value and will always show a difference for a configured value after import unless [`ignoreChanges`](https://www.terraform.io/docs/configuration/resources.html#ignore_changes) is used.
	RoleName interface{}
	// Key-value mapping of resource tags.
	Tags interface{}
}
The set of arguments for constructing an Account resource.
type AccountState ¶
type AccountState struct {
	// The ARN for this account.
	Arn interface{}
	// The email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.
	Email interface{}
	// If set to `ALLOW`, the new account enables IAM users to access account billing information if they have the required permissions. If set to `DENY`, then only the root user of the new account can access account billing information.
	IamUserAccessToBilling interface{}
	JoinedMethod interface{}
	JoinedTimestamp interface{}
	// A friendly name for the member account.
	Name interface{}
	// Parent Organizational Unit ID or Root ID for the account. Defaults to the Organization default Root ID. A configuration must be present for this argument to perform drift detection.
	ParentId interface{}
	// The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the master account, allowing users in the master account to assume the role, as permitted by the master account administrator. The role has administrator permissions in the new member account. The Organizations API provides no method for reading this information after account creation, so this provider cannot perform drift detection on its value and will always show a difference for a configured value after import unless [`ignoreChanges`](https://www.terraform.io/docs/configuration/resources.html#ignore_changes) is used.
	RoleName interface{}
	Status interface{}
	// Key-value mapping of resource tags.
	Tags interface{}
}
Input properties used for looking up and filtering Account resources.
type GetOrganizationResult ¶ added in v0.18.25
type GetOrganizationResult struct {
	// List of organization accounts including the master account. For a list excluding the master account, see the `nonMasterAccounts` attribute. All elements have these attributes:
	Accounts interface{}
	// ARN of the root
	Arn interface{}
	// A list of AWS service principal names that have integration enabled with your organization. Organization must have `featureSet` set to `ALL`. For additional information, see the [AWS Organizations User Guide](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html).
	AwsServiceAccessPrincipals interface{}
	// A list of Organizations policy types that are enabled in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g. `SERVICE_CONTROL_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
	EnabledPolicyTypes interface{}
	// The FeatureSet of the organization.
	FeatureSet interface{}
	// The Amazon Resource Name (ARN) of the account that is designated as the master account for the organization.
	MasterAccountArn interface{}
	// The email address that is associated with the AWS account that is designated as the master account for the organization.
	MasterAccountEmail interface{}
	// The unique identifier (ID) of the master account of an organization.
	MasterAccountId interface{}
	// List of organization accounts excluding the master account. For a list including the master account, see the `accounts` attribute. All elements have these attributes:
	NonMasterAccounts interface{}
	// List of organization roots. All elements have these attributes:
	Roots interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}
A collection of values returned by getOrganization.
func LookupOrganization ¶ added in v0.18.25
func LookupOrganization(ctx *pulumi.Context) (*GetOrganizationResult, error)
Gets information about the organization that the user's account belongs to.
> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/d/organizations_organization.html.markdown.
type Organization ¶
type Organization struct {
// contains filtered or unexported fields
}
Provides a resource to create an organization.
> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/organizations_organization.html.markdown.
func GetOrganization ¶
func GetOrganization(ctx *pulumi.Context, name string, id pulumi.ID, state *OrganizationState, opts ...pulumi.ResourceOpt) (*Organization, error)
GetOrganization gets an existing Organization resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOrganization ¶
func NewOrganization(ctx *pulumi.Context, name string, args *OrganizationArgs, opts ...pulumi.ResourceOpt) (*Organization, error)
NewOrganization registers a new resource with the given unique name, arguments, and options.
func (*Organization) Accounts ¶ added in v0.18.4
func (r *Organization) Accounts() *pulumi.ArrayOutput
List of organization accounts including the master account. For a list excluding the master account, see the `nonMasterAccounts` attribute. All elements have these attributes:
func (*Organization) AwsServiceAccessPrincipals ¶ added in v0.16.3
func (r *Organization) AwsServiceAccessPrincipals() *pulumi.ArrayOutput
List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `featureSet` set to `ALL`. For additional information, see the [AWS Organizations User Guide](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html).
func (*Organization) EnabledPolicyTypes ¶ added in v0.18.4
func (r *Organization) EnabledPolicyTypes() *pulumi.ArrayOutput
List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g. `SERVICE_CONTROL_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
func (*Organization) FeatureSet ¶
func (r *Organization) FeatureSet() *pulumi.StringOutput
Specify "ALL" (default) or "CONSOLIDATED_BILLING".
func (*Organization) ID ¶
func (r *Organization) ID() *pulumi.IDOutput
ID is this resource's unique identifier assigned by its provider.
func (*Organization) MasterAccountArn ¶
func (r *Organization) MasterAccountArn() *pulumi.StringOutput
ARN of the master account
func (*Organization) MasterAccountEmail ¶
func (r *Organization) MasterAccountEmail() *pulumi.StringOutput
Email address of the master account
func (*Organization) MasterAccountId ¶
func (r *Organization) MasterAccountId() *pulumi.StringOutput
Identifier of the master account
func (*Organization) NonMasterAccounts ¶ added in v0.18.13
func (r *Organization) NonMasterAccounts() *pulumi.ArrayOutput
List of organization accounts excluding the master account. For a list including the master account, see the `accounts` attribute. All elements have these attributes:
func (*Organization) Roots ¶ added in v0.18.4
func (r *Organization) Roots() *pulumi.ArrayOutput
List of organization roots. All elements have these attributes:
func (*Organization) URN ¶
func (r *Organization) URN() *pulumi.URNOutput
URN is this resource's unique name assigned by Pulumi.
type OrganizationArgs ¶
type OrganizationArgs struct {
	// List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `featureSet` set to `ALL`. For additional information, see the [AWS Organizations User Guide](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html).
	AwsServiceAccessPrincipals interface{}
	// List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g. `SERVICE_CONTROL_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
	EnabledPolicyTypes interface{}
	// Specify "ALL" (default) or "CONSOLIDATED_BILLING".
	FeatureSet interface{}
}
The set of arguments for constructing an Organization resource.
type OrganizationState ¶
type OrganizationState struct {
	// List of organization accounts including the master account. For a list excluding the master account, see the `nonMasterAccounts` attribute. All elements have these attributes:
	Accounts interface{}
	// ARN of the root
	Arn interface{}
	// List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `featureSet` set to `ALL`. For additional information, see the [AWS Organizations User Guide](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html).
	AwsServiceAccessPrincipals interface{}
	// List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g. `SERVICE_CONTROL_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
	EnabledPolicyTypes interface{}
	// Specify "ALL" (default) or "CONSOLIDATED_BILLING".
	FeatureSet interface{}
	// ARN of the master account
	MasterAccountArn interface{}
	// Email address of the master account
	MasterAccountEmail interface{}
	// Identifier of the master account
	MasterAccountId interface{}
	// List of organization accounts excluding the master account. For a list including the master account, see the `accounts` attribute. All elements have these attributes:
	NonMasterAccounts interface{}
	// List of organization roots. All elements have these attributes:
	Roots interface{}
}
Input properties used for looking up and filtering Organization resources.
type OrganizationalUnit ¶ added in v0.18.4
type OrganizationalUnit struct {
// contains filtered or unexported fields
}
Provides a resource to create an organizational unit.
> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/organizations_organizational_unit.html.markdown.
func GetOrganizationalUnit ¶ added in v0.18.4
func GetOrganizationalUnit(ctx *pulumi.Context, name string, id pulumi.ID, state *OrganizationalUnitState, opts ...pulumi.ResourceOpt) (*OrganizationalUnit, error)
GetOrganizationalUnit gets an existing OrganizationalUnit resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOrganizationalUnit ¶ added in v0.18.4
func NewOrganizationalUnit(ctx *pulumi.Context, name string, args *OrganizationalUnitArgs, opts ...pulumi.ResourceOpt) (*OrganizationalUnit, error)
NewOrganizationalUnit registers a new resource with the given unique name, arguments, and options.
func (*OrganizationalUnit) Accounts ¶ added in v0.18.4
func (r *OrganizationalUnit) Accounts() *pulumi.ArrayOutput
List of child accounts for this Organizational Unit. Does not return account information for child Organizational Units. All elements have these attributes:
func (*OrganizationalUnit) Arn ¶ added in v0.18.4
func (r *OrganizationalUnit) Arn() *pulumi.StringOutput
ARN of the organizational unit
func (*OrganizationalUnit) ID ¶ added in v0.18.4
func (r *OrganizationalUnit) ID() *pulumi.IDOutput
ID is this resource's unique identifier assigned by its provider.
func (*OrganizationalUnit) Name ¶ added in v0.18.4
func (r *OrganizationalUnit) Name() *pulumi.StringOutput
The name for the organizational unit
func (*OrganizationalUnit) ParentId ¶ added in v0.18.4
func (r *OrganizationalUnit) ParentId() *pulumi.StringOutput
ID of the parent organizational unit, which may be the root
func (*OrganizationalUnit) URN ¶ added in v0.18.4
func (r *OrganizationalUnit) URN() *pulumi.URNOutput
URN is this resource's unique name assigned by Pulumi.
type OrganizationalUnitArgs ¶ added in v0.18.4
type OrganizationalUnitArgs struct {
	// The name for the organizational unit
	Name interface{}
	// ID of the parent organizational unit, which may be the root
	ParentId interface{}
}
The set of arguments for constructing an OrganizationalUnit resource.
type OrganizationalUnitState ¶ added in v0.18.4
type OrganizationalUnitState struct {
	// List of child accounts for this Organizational Unit. Does not return account information for child Organizational Units. All elements have these attributes:
	Accounts interface{}
	// ARN of the organizational unit
	Arn interface{}
	// The name for the organizational unit
	Name interface{}
	// ID of the parent organizational unit, which may be the root
	ParentId interface{}
}
Input properties used for looking up and filtering OrganizationalUnit resources.
type Policy ¶
type Policy struct {
// contains filtered or unexported fields
}
Provides a resource to manage an [AWS Organizations policy](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html).
> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/organizations_policy.html.markdown.
func GetPolicy ¶
func GetPolicy(ctx *pulumi.Context, name string, id pulumi.ID, state *PolicyState, opts ...pulumi.ResourceOpt) (*Policy, error)
GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewPolicy ¶
func NewPolicy(ctx *pulumi.Context, name string, args *PolicyArgs, opts ...pulumi.ResourceOpt) (*Policy, error)
NewPolicy registers a new resource with the given unique name, arguments, and options.
func (*Policy) Arn ¶
func (r *Policy) Arn() *pulumi.StringOutput
Amazon Resource Name (ARN) of the policy.
func (*Policy) Content ¶
func (r *Policy) Content() *pulumi.StringOutput
The policy content to add to the new policy. For example, if you create a [service control policy (SCP)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the [Service Control Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html).
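`Content` is typed `interface{}`, so the Go compiler cannot catch a malformed SCP string. The following added example (not part of this package or the provider) builds and pre-checks SCP JSON with the standard library only; `ValidateSCPContent`, `DenyActionsSCP`, the sample Sid and the small rule subset are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"encoding/json"
	"errors"
	"fmt"
)

// statement holds the SCP statement elements this pre-flight check inspects.
type statement struct {
	Effect    string          `json:"Effect"`
	Action    json.RawMessage `json:"Action"`
	NotAction json.RawMessage `json:"NotAction"`
}

// ValidateSCPContent runs structural checks on a string intended for
// PolicyArgs.Content. The rules are an assumed minimal subset of the SCP
// syntax reference; the Organizations API remains the final authority.
func ValidateSCPContent(content string) error {
	var doc struct {
		Version   string          `json:"Version"`
		Statement json.RawMessage `json:"Statement"`
	}
	if err := json.Unmarshal([]byte(content), &doc); err != nil {
		return fmt.Errorf("content is not valid JSON: %w", err)
	}
	if doc.Version != "2012-10-17" { // assumption: the version SCPs are written against
		return fmt.Errorf("unexpected Version %q", doc.Version)
	}
	raw := bytes.TrimSpace(doc.Statement)
	if len(raw) == 0 {
		return errors.New("missing Statement")
	}
	// Statement may be a single object or an array of objects.
	var stmts []statement
	if raw[0] == '[' {
		if err := json.Unmarshal(raw, &stmts); err != nil {
			return fmt.Errorf("bad Statement array: %w", err)
		}
	} else {
		var s statement
		if err := json.Unmarshal(raw, &s); err != nil {
			return fmt.Errorf("bad Statement object: %w", err)
		}
		stmts = append(stmts, s)
	}
	if len(stmts) == 0 {
		return errors.New("Statement is empty")
	}
	for i, s := range stmts {
		if s.Effect != "Allow" && s.Effect != "Deny" {
			return fmt.Errorf("statement %d: Effect must be Allow or Deny, got %q", i, s.Effect)
		}
		if len(s.Action) == 0 && len(s.NotAction) == 0 {
			return fmt.Errorf("statement %d: needs Action or NotAction", i)
		}
	}
	return nil
}

// DenyActionsSCP builds SCP JSON that denies the given actions on all
// resources, then validates it. The result is the string to pass as
// PolicyArgs.Content with Type set to "SERVICE_CONTROL_POLICY".
func DenyActionsSCP(sid string, actions []string) (string, error) {
	if len(actions) == 0 {
		return "", errors.New("no actions given")
	}
	doc := map[string]interface{}{
		"Version": "2012-10-17",
		"Statement": []map[string]interface{}{{
			"Sid": sid, "Effect": "Deny", "Action": actions, "Resource": "*",
		}},
	}
	b, err := json.Marshal(doc)
	if err != nil {
		return "", err
	}
	return string(b), ValidateSCPContent(string(b))
}

func main() {
	// Constructed sample: a guardrail that stops member accounts leaving the organization.
	content, err := DenyActionsSCP("DenyLeaveOrg", []string{"organizations:LeaveOrganization"})
	fmt.Println(content, err)
	// Constructed bad input: Effect is case-sensitive, so "deny" is rejected.
	fmt.Println(ValidateSCPContent(`{"Version":"2012-10-17","Statement":{"Effect":"deny","Action":"*","Resource":"*"}}`))
}
```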
func (*Policy) Description ¶
func (r *Policy) Description() *pulumi.StringOutput
A description to assign to the policy.
func (*Policy) Name ¶
func (r *Policy) Name() *pulumi.StringOutput
The friendly name to assign to the policy.
func (*Policy) Type ¶
func (r *Policy) Type() *pulumi.StringOutput
The type of policy to create. Currently, the only valid value is `SERVICE_CONTROL_POLICY` (SCP).
type PolicyArgs ¶
type PolicyArgs struct {
	// The policy content to add to the new policy. For example, if you create a [service control policy (SCP)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the [Service Control Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html).
	Content interface{}
	// A description to assign to the policy.
	Description interface{}
	// The friendly name to assign to the policy.
	Name interface{}
	// The type of policy to create. Currently, the only valid value is `SERVICE_CONTROL_POLICY` (SCP).
	Type interface{}
}
The set of arguments for constructing a Policy resource.
type PolicyAttachment ¶
type PolicyAttachment struct {
// contains filtered or unexported fields
}
Provides a resource to attach an AWS Organizations policy to an organization account, root, or unit.
> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/organizations_policy_attachment.html.markdown.
func GetPolicyAttachment ¶
func GetPolicyAttachment(ctx *pulumi.Context, name string, id pulumi.ID, state *PolicyAttachmentState, opts ...pulumi.ResourceOpt) (*PolicyAttachment, error)
GetPolicyAttachment gets an existing PolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewPolicyAttachment ¶
func NewPolicyAttachment(ctx *pulumi.Context, name string, args *PolicyAttachmentArgs, opts ...pulumi.ResourceOpt) (*PolicyAttachment, error)
NewPolicyAttachment registers a new resource with the given unique name, arguments, and options.
func (*PolicyAttachment) ID ¶
func (r *PolicyAttachment) ID() *pulumi.IDOutput
ID is this resource's unique identifier assigned by its provider.
func (*PolicyAttachment) PolicyId ¶
func (r *PolicyAttachment) PolicyId() *pulumi.StringOutput
The unique identifier (ID) of the policy that you want to attach to the target.
func (*PolicyAttachment) TargetId ¶
func (r *PolicyAttachment) TargetId() *pulumi.StringOutput
The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.
func (*PolicyAttachment) URN ¶
func (r *PolicyAttachment) URN() *pulumi.URNOutput
URN is this resource's unique name assigned by Pulumi.
type PolicyAttachmentArgs ¶
type PolicyAttachmentArgs struct {
	// The unique identifier (ID) of the policy that you want to attach to the target.
	PolicyId interface{}
	// The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.
	TargetId interface{}
}
The set of arguments for constructing a PolicyAttachment resource.
type PolicyAttachmentState ¶
type PolicyAttachmentState struct {
	// The unique identifier (ID) of the policy that you want to attach to the target.
	PolicyId interface{}
	// The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.
	TargetId interface{}
}
Input properties used for looking up and filtering PolicyAttachment resources.
type PolicyState ¶
type PolicyState struct {
	// Amazon Resource Name (ARN) of the policy.
	Arn interface{}
	// The policy content to add to the new policy. For example, if you create a [service control policy (SCP)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the [Service Control Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html).
	Content interface{}
	// A description to assign to the policy.
	Description interface{}
	// The friendly name to assign to the policy.
	Name interface{}
	// The type of policy to create. Currently, the only valid value is `SERVICE_CONTROL_POLICY` (SCP).
	Type interface{}
}
Input properties used for looking up and filtering Policy resources.