Skip to content

Data Source: awsOrganizationsOrganization

Get information about the organization that the user's account belongs to

Example Usage

List all account IDs for the organization

import * as cdktf from "cdktf";
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const dataAwsOrganizationsOrganizationExample =
  new aws.dataAwsOrganizationsOrganization.DataAwsOrganizationsOrganization(
    this,
    "example",
    {}
  );
new cdktf.TerraformOutput(this, "account_ids", {
  value: `\${${dataAwsOrganizationsOrganizationExample.accounts.fqn}[*].id}`,
});

SNS topic that can be interacted by the organization only

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsSnsTopicSnsTopic = new aws.snsTopic.SnsTopic(this, "sns_topic", {
  name: "my-sns-topic",
});
const dataAwsOrganizationsOrganizationExample =
  new aws.dataAwsOrganizationsOrganization.DataAwsOrganizationsOrganization(
    this,
    "example",
    {}
  );
const dataAwsIamPolicyDocumentSnsTopicPolicy =
  new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(
    this,
    "sns_topic_policy",
    {
      statement: [
        {
          actions: ["SNS:Subscribe", "SNS:Publish"],
          condition: [
            {
              test: "StringEquals",
              values: [dataAwsOrganizationsOrganizationExample.id],
              variable: "aws:PrincipalOrgID",
            },
          ],
          effect: "Allow",
          principals: [
            {
              identifiers: ["*"],
              type: "AWS",
            },
          ],
          resources: [awsSnsTopicSnsTopic.arn],
        },
      ],
    }
  );
const awsSnsTopicPolicySnsTopicPolicy = new aws.snsTopicPolicy.SnsTopicPolicy(
  this,
  "sns_topic_policy_3",
  {
    arn: awsSnsTopicSnsTopic.arn,
    policy: dataAwsIamPolicyDocumentSnsTopicPolicy.json,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSnsTopicPolicySnsTopicPolicy.overrideLogicalId("sns_topic_policy");

Argument Reference

There are no arguments available for this data source.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • arn - ARN of the organization.
  • featureSet - FeatureSet of the organization.
  • id - ID of the organization.
  • masterAccountArn - ARN of the account that is designated as the master account for the organization.
  • masterAccountEmail - The email address that is associated with the AWS account that is designated as the master account for the organization.
  • masterAccountId - Unique identifier (ID) of the master account of an organization.

Master Account Attributes Reference

If the account is the master account for the organization, the following attributes are also exported:

  • accounts - List of organization accounts including the master account. For a list excluding the master account, see the nonMasterAccounts attribute. All elements have these attributes:
  • arn - ARN of the account
  • email - Email of the account
  • id - Identifier of the account
  • name - Name of the account
  • status - Status of the account
  • awsServiceAccessPrincipals - A list of AWS service principal names that have integration enabled with your organization. Organization must have featureSet set to all. For additional information, see the AWS Organizations User Guide.
  • enabledPolicyTypes - A list of Organizations policy types that are enabled in the Organization Root. Organization must have featureSet set to all. For additional information about valid policy types (e.g., SERVICE_CONTROL_POLICY), see the AWS Organizations API Reference.
  • nonMasterAccounts - List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
  • arn - ARN of the account
  • email - Email of the account
  • id - Identifier of the account
  • name - Name of the account
  • status - Status of the account
  • roots - List of organization roots. All elements have these attributes:
  • arn - ARN of the root
  • id - Identifier of the root
  • name - Name of the root
  • policyTypes - List of policy types enabled for this root. All elements have these attributes:
    • name - The name of the policy type
    • status - The status of the policy type as it relates to the associated root