terraform-aws-tardigrade-organizations-policy

Terraform module for managing an AWS Organizations Policy and its attachments.

This module supports every AWS Organizations Policy type, including:

• Service Control Policies (SCPs)

• Tag Policies

• Backup Policies

• AIServicesOptOut Policies

  WARNING: The specified policy type must be enabled in the AWS Organizations master account before it can be attached. Otherwise you will get an error of the form:

  Error: creating Organizations Policy Attachment (target-id:policy-id): PolicyTypeNotEnabledException: This operation can be performed only for enabled policy types.
  

Requirements

Name	Version
terraform	>= 1.2
aws	>= 3.35.0

Providers

Name	Version
aws	>= 3.35.0

Resources

Name	Type

Inputs

Name	Description	Type	Default	Required
policy	Object of attributes and attachments for an AWS Organizations Policy	object({ name = optional(string) content = optional(string) create_policy = optional(bool, true) description = optional(string) id = optional(string) skip_destroy = optional(bool) type = optional(string) tags = optional(map(string)) attachments = optional(list(object({ name = string target_id = string skip_destroy = optional(bool) })), []) })	n/a	yes

Outputs

Name	Description
policy	Object of attributes for the AWS Organizations Policy
policy_attachments	Map of objects containing AWS Organizations Policy attachments