1. Packages
  2. AWS Classic
  3. API Docs
  4. organizations
  5. getOrganization

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.13.2 published on Thursday, Dec 7, 2023 by Pulumi

aws.organizations.getOrganization

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.13.2 published on Thursday, Dec 7, 2023 by Pulumi

    Get information about the organization that the user’s account belongs to

    Example Usage

    List all account IDs for the organization

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Aws.Organizations.GetOrganization.Invoke();
    
        return new Dictionary<string, object?>
        {
            ["accountIds"] = example.Apply(getOrganizationResult => getOrganizationResult.Accounts).Select(__item => __item.Id).ToList(),
        };
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := organizations.LookupOrganization(ctx, nil, nil)
    		if err != nil {
    			return err
    		}
    		var splat0 []*string
    		for _, val0 := range example.Accounts {
    			splat0 = append(splat0, val0.Id)
    		}
    		ctx.Export("accountIds", splat0)
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.organizations.OrganizationsFunctions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = OrganizationsFunctions.getOrganization();
    
            ctx.export("accountIds", example.applyValue(getOrganizationResult -> getOrganizationResult.accounts()).stream().map(element -> element.id()).collect(toList()));
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.organizations.get_organization()
    pulumi.export("accountIds", [__item.id for __item in example.accounts])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = aws.organizations.getOrganization({});
    export const accountIds = example.then(example => example.accounts.map(__item => __item.id));
    

    Coming soon!

    SNS topic that can be interacted by the organization only

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Aws.Organizations.GetOrganization.Invoke();
    
        var snsTopic = new Aws.Sns.Topic("snsTopic");
    
        var snsTopicPolicyPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()
        {
            Statements = new[]
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Effect = "Allow",
                    Actions = new[]
                    {
                        "SNS:Subscribe",
                        "SNS:Publish",
                    },
                    Conditions = new[]
                    {
                        new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs
                        {
                            Test = "StringEquals",
                            Variable = "aws:PrincipalOrgID",
                            Values = new[]
                            {
                                example.Apply(getOrganizationResult => getOrganizationResult.Id),
                            },
                        },
                    },
                    Principals = new[]
                    {
                        new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                        {
                            Type = "AWS",
                            Identifiers = new[]
                            {
                                "*",
                            },
                        },
                    },
                    Resources = new[]
                    {
                        snsTopic.Arn,
                    },
                },
            },
        });
    
        var snsTopicPolicyTopicPolicy = new Aws.Sns.TopicPolicy("snsTopicPolicyTopicPolicy", new()
        {
            Arn = snsTopic.Arn,
            Policy = snsTopicPolicyPolicyDocument.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
    example, err := organizations.LookupOrganization(ctx, nil, nil);
    if err != nil {
    return err
    }
    snsTopic, err := sns.NewTopic(ctx, "snsTopic", nil)
    if err != nil {
    return err
    }
    snsTopicPolicyPolicyDocument := snsTopic.Arn.ApplyT(func(arn string) (iam.GetPolicyDocumentResult, error) {
    return iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
    Statements: []iam.GetPolicyDocumentStatement{
    {
    Effect: "Allow",
    Actions: []string{
    "SNS:Subscribe",
    "SNS:Publish",
    },
    Conditions: []iam.GetPolicyDocumentStatementCondition{
    {
    Test: "StringEquals",
    Variable: "aws:PrincipalOrgID",
    Values: interface{}{
    example.Id,
    },
    },
    },
    Principals: []iam.GetPolicyDocumentStatementPrincipal{
    {
    Type: "AWS",
    Identifiers: []string{
    "*",
    },
    },
    },
    Resources: interface{}{
    arn,
    },
    },
    },
    }, nil), nil
    }).(iam.GetPolicyDocumentResultOutput)
    _, err = sns.NewTopicPolicy(ctx, "snsTopicPolicyTopicPolicy", &sns.TopicPolicyArgs{
    Arn: snsTopic.Arn,
    Policy: snsTopicPolicyPolicyDocument.ApplyT(func(snsTopicPolicyPolicyDocument iam.GetPolicyDocumentResult) (*string, error) {
    return &snsTopicPolicyPolicyDocument.Json, nil
    }).(pulumi.StringPtrOutput),
    })
    if err != nil {
    return err
    }
    return nil
    })
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.organizations.OrganizationsFunctions;
    import com.pulumi.aws.sns.Topic;
    import com.pulumi.aws.iam.IamFunctions;
    import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
    import com.pulumi.aws.sns.TopicPolicy;
    import com.pulumi.aws.sns.TopicPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = OrganizationsFunctions.getOrganization();
    
            var snsTopic = new Topic("snsTopic");
    
            final var snsTopicPolicyPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
                .statements(GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(                
                        "SNS:Subscribe",
                        "SNS:Publish")
                    .conditions(GetPolicyDocumentStatementConditionArgs.builder()
                        .test("StringEquals")
                        .variable("aws:PrincipalOrgID")
                        .values(example.applyValue(getOrganizationResult -> getOrganizationResult.id()))
                        .build())
                    .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                        .type("AWS")
                        .identifiers("*")
                        .build())
                    .resources(snsTopic.arn())
                    .build())
                .build());
    
            var snsTopicPolicyTopicPolicy = new TopicPolicy("snsTopicPolicyTopicPolicy", TopicPolicyArgs.builder()        
                .arn(snsTopic.arn())
                .policy(snsTopicPolicyPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(snsTopicPolicyPolicyDocument -> snsTopicPolicyPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.organizations.get_organization()
    sns_topic = aws.sns.Topic("snsTopic")
    sns_topic_policy_policy_document = sns_topic.arn.apply(lambda arn: aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=[
            "SNS:Subscribe",
            "SNS:Publish",
        ],
        conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(
            test="StringEquals",
            variable="aws:PrincipalOrgID",
            values=[example.id],
        )],
        principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
            type="AWS",
            identifiers=["*"],
        )],
        resources=[arn],
    )]))
    sns_topic_policy_topic_policy = aws.sns.TopicPolicy("snsTopicPolicyTopicPolicy",
        arn=sns_topic.arn,
        policy=sns_topic_policy_policy_document.json)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = aws.organizations.getOrganization({});
    const snsTopic = new aws.sns.Topic("snsTopic", {});
    const snsTopicPolicyPolicyDocument = pulumi.all([example, snsTopic.arn]).apply(([example, arn]) => aws.iam.getPolicyDocumentOutput({
        statements: [{
            effect: "Allow",
            actions: [
                "SNS:Subscribe",
                "SNS:Publish",
            ],
            conditions: [{
                test: "StringEquals",
                variable: "aws:PrincipalOrgID",
                values: [example.id],
            }],
            principals: [{
                type: "AWS",
                identifiers: ["*"],
            }],
            resources: [arn],
        }],
    }));
    const snsTopicPolicyTopicPolicy = new aws.sns.TopicPolicy("snsTopicPolicyTopicPolicy", {
        arn: snsTopic.arn,
        policy: snsTopicPolicyPolicyDocument.apply(snsTopicPolicyPolicyDocument => snsTopicPolicyPolicyDocument.json),
    });
    
    resources:
      snsTopic:
        type: aws:sns:Topic
      snsTopicPolicyTopicPolicy:
        type: aws:sns:TopicPolicy
        properties:
          arn: ${snsTopic.arn}
          policy: ${snsTopicPolicyPolicyDocument.json}
    variables:
      example:
        fn::invoke:
          Function: aws:organizations:getOrganization
          Arguments: {}
      snsTopicPolicyPolicyDocument:
        fn::invoke:
          Function: aws:iam:getPolicyDocument
          Arguments:
            statements:
              - effect: Allow
                actions:
                  - SNS:Subscribe
                  - SNS:Publish
                conditions:
                  - test: StringEquals
                    variable: aws:PrincipalOrgID
                    values:
                      - ${example.id}
                principals:
                  - type: AWS
                    identifiers:
                      - '*'
                resources:
                  - ${snsTopic.arn}
    

    Using getOrganization

    function getOrganization(opts?: InvokeOptions): Promise<GetOrganizationResult>
    def get_organization(opts: Optional[InvokeOptions] = None) -> GetOrganizationResult
    func LookupOrganization(ctx *Context, opts ...InvokeOption) (*LookupOrganizationResult, error)

    > Note: This function is named LookupOrganization in the Go SDK.

    public static class GetOrganization 
    {
        public static Task<GetOrganizationResult> InvokeAsync(InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetOrganizationResult> getOrganization(InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aws:organizations/getOrganization:getOrganization
      arguments:
        # arguments dictionary

    getOrganization Result

    The following output properties are available:

    Accounts List<GetOrganizationAccount>

    List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:

    Arn string

    ARN of the root

    AwsServiceAccessPrincipals List<string>

    A list of AWS service principal names that have integration enabled with your organization. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.

    EnabledPolicyTypes List<string>

    A list of Organizations policy types that are enabled in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., SERVICE_CONTROL_POLICY), see the AWS Organizations API Reference.

    FeatureSet string

    FeatureSet of the organization.

    Id string

    The provider-assigned unique ID for this managed resource.

    MasterAccountArn string

    ARN of the account that is designated as the master account for the organization.

    MasterAccountEmail string

    The email address that is associated with the AWS account that is designated as the master account for the organization.

    MasterAccountId string

    Unique identifier (ID) of the master account of an organization.

    NonMasterAccounts List<GetOrganizationNonMasterAccount>

    List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:

    Roots List<GetOrganizationRoot>

    List of organization roots. All elements have these attributes:

    Accounts []GetOrganizationAccount

    List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:

    Arn string

    ARN of the root

    AwsServiceAccessPrincipals []string

    A list of AWS service principal names that have integration enabled with your organization. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.

    EnabledPolicyTypes []string

    A list of Organizations policy types that are enabled in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., SERVICE_CONTROL_POLICY), see the AWS Organizations API Reference.

    FeatureSet string

    FeatureSet of the organization.

    Id string

    The provider-assigned unique ID for this managed resource.

    MasterAccountArn string

    ARN of the account that is designated as the master account for the organization.

    MasterAccountEmail string

    The email address that is associated with the AWS account that is designated as the master account for the organization.

    MasterAccountId string

    Unique identifier (ID) of the master account of an organization.

    NonMasterAccounts []GetOrganizationNonMasterAccount

    List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:

    Roots []GetOrganizationRoot

    List of organization roots. All elements have these attributes:

    accounts List<GetOrganizationAccount>

    List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:

    arn String

    ARN of the root

    awsServiceAccessPrincipals List<String>

    A list of AWS service principal names that have integration enabled with your organization. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.

    enabledPolicyTypes List<String>

    A list of Organizations policy types that are enabled in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., SERVICE_CONTROL_POLICY), see the AWS Organizations API Reference.

    featureSet String

    FeatureSet of the organization.

    id String

    The provider-assigned unique ID for this managed resource.

    masterAccountArn String

    ARN of the account that is designated as the master account for the organization.

    masterAccountEmail String

    The email address that is associated with the AWS account that is designated as the master account for the organization.

    masterAccountId String

    Unique identifier (ID) of the master account of an organization.

    nonMasterAccounts List<GetOrganizationNonMasterAccount>

    List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:

    roots List<GetOrganizationRoot>

    List of organization roots. All elements have these attributes:

    accounts GetOrganizationAccount[]

    List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:

    arn string

    ARN of the root

    awsServiceAccessPrincipals string[]

    A list of AWS service principal names that have integration enabled with your organization. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.

    enabledPolicyTypes string[]

    A list of Organizations policy types that are enabled in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., SERVICE_CONTROL_POLICY), see the AWS Organizations API Reference.

    featureSet string

    FeatureSet of the organization.

    id string

    The provider-assigned unique ID for this managed resource.

    masterAccountArn string

    ARN of the account that is designated as the master account for the organization.

    masterAccountEmail string

    The email address that is associated with the AWS account that is designated as the master account for the organization.

    masterAccountId string

    Unique identifier (ID) of the master account of an organization.

    nonMasterAccounts GetOrganizationNonMasterAccount[]

    List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:

    roots GetOrganizationRoot[]

    List of organization roots. All elements have these attributes:

    accounts Sequence[GetOrganizationAccount]

    List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:

    arn str

    ARN of the root

    aws_service_access_principals Sequence[str]

    A list of AWS service principal names that have integration enabled with your organization. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.

    enabled_policy_types Sequence[str]

    A list of Organizations policy types that are enabled in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., SERVICE_CONTROL_POLICY), see the AWS Organizations API Reference.

    feature_set str

    FeatureSet of the organization.

    id str

    The provider-assigned unique ID for this managed resource.

    master_account_arn str

    ARN of the account that is designated as the master account for the organization.

    master_account_email str

    The email address that is associated with the AWS account that is designated as the master account for the organization.

    master_account_id str

    Unique identifier (ID) of the master account of an organization.

    non_master_accounts Sequence[GetOrganizationNonMasterAccount]

    List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:

    roots Sequence[GetOrganizationRoot]

    List of organization roots. All elements have these attributes:

    accounts List<Property Map>

    List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:

    arn String

    ARN of the root

    awsServiceAccessPrincipals List<String>

    A list of AWS service principal names that have integration enabled with your organization. Organization must have feature_set set to ALL. For additional information, see the AWS Organizations User Guide.

    enabledPolicyTypes List<String>

    A list of Organizations policy types that are enabled in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., SERVICE_CONTROL_POLICY), see the AWS Organizations API Reference.

    featureSet String

    FeatureSet of the organization.

    id String

    The provider-assigned unique ID for this managed resource.

    masterAccountArn String

    ARN of the account that is designated as the master account for the organization.

    masterAccountEmail String

    The email address that is associated with the AWS account that is designated as the master account for the organization.

    masterAccountId String

    Unique identifier (ID) of the master account of an organization.

    nonMasterAccounts List<Property Map>

    List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:

    roots List<Property Map>

    List of organization roots. All elements have these attributes:

    Supporting Types

    GetOrganizationAccount

    Arn string

    ARN of the root

    Email string

    Email of the account

    Id string

    Identifier of the root

    Name string

    The name of the policy type

    Status string

    The status of the policy type as it relates to the associated root

    Arn string

    ARN of the root

    Email string

    Email of the account

    Id string

    Identifier of the root

    Name string

    The name of the policy type

    Status string

    The status of the policy type as it relates to the associated root

    arn String

    ARN of the root

    email String

    Email of the account

    id String

    Identifier of the root

    name String

    The name of the policy type

    status String

    The status of the policy type as it relates to the associated root

    arn string

    ARN of the root

    email string

    Email of the account

    id string

    Identifier of the root

    name string

    The name of the policy type

    status string

    The status of the policy type as it relates to the associated root

    arn str

    ARN of the root

    email str

    Email of the account

    id str

    Identifier of the root

    name str

    The name of the policy type

    status str

    The status of the policy type as it relates to the associated root

    arn String

    ARN of the root

    email String

    Email of the account

    id String

    Identifier of the root

    name String

    The name of the policy type

    status String

    The status of the policy type as it relates to the associated root

    GetOrganizationNonMasterAccount

    Arn string

    ARN of the root

    Email string

    Email of the account

    Id string

    Identifier of the root

    Name string

    The name of the policy type

    Status string

    The status of the policy type as it relates to the associated root

    Arn string

    ARN of the root

    Email string

    Email of the account

    Id string

    Identifier of the root

    Name string

    The name of the policy type

    Status string

    The status of the policy type as it relates to the associated root

    arn String

    ARN of the root

    email String

    Email of the account

    id String

    Identifier of the root

    name String

    The name of the policy type

    status String

    The status of the policy type as it relates to the associated root

    arn string

    ARN of the root

    email string

    Email of the account

    id string

    Identifier of the root

    name string

    The name of the policy type

    status string

    The status of the policy type as it relates to the associated root

    arn str

    ARN of the root

    email str

    Email of the account

    id str

    Identifier of the root

    name str

    The name of the policy type

    status str

    The status of the policy type as it relates to the associated root

    arn String

    ARN of the root

    email String

    Email of the account

    id String

    Identifier of the root

    name String

    The name of the policy type

    status String

    The status of the policy type as it relates to the associated root

    GetOrganizationRoot

    Arn string

    ARN of the root

    Id string

    Identifier of the root

    Name string

    The name of the policy type

    PolicyTypes List<GetOrganizationRootPolicyType>

    List of policy types enabled for this root. All elements have these attributes:

    Arn string

    ARN of the root

    Id string

    Identifier of the root

    Name string

    The name of the policy type

    PolicyTypes []GetOrganizationRootPolicyType

    List of policy types enabled for this root. All elements have these attributes:

    arn String

    ARN of the root

    id String

    Identifier of the root

    name String

    The name of the policy type

    policyTypes List<GetOrganizationRootPolicyType>

    List of policy types enabled for this root. All elements have these attributes:

    arn string

    ARN of the root

    id string

    Identifier of the root

    name string

    The name of the policy type

    policyTypes GetOrganizationRootPolicyType[]

    List of policy types enabled for this root. All elements have these attributes:

    arn str

    ARN of the root

    id str

    Identifier of the root

    name str

    The name of the policy type

    policy_types Sequence[GetOrganizationRootPolicyType]

    List of policy types enabled for this root. All elements have these attributes:

    arn String

    ARN of the root

    id String

    Identifier of the root

    name String

    The name of the policy type

    policyTypes List<Property Map>

    List of policy types enabled for this root. All elements have these attributes:

    GetOrganizationRootPolicyType

    Status string

    The status of the policy type as it relates to the associated root

    Type string
    Status string

    The status of the policy type as it relates to the associated root

    Type string
    status String

    The status of the policy type as it relates to the associated root

    type String
    status string

    The status of the policy type as it relates to the associated root

    type string
    status str

    The status of the policy type as it relates to the associated root

    type str
    status String

    The status of the policy type as it relates to the associated root

    type String

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the aws Terraform Provider.

    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.13.2 published on Thursday, Dec 7, 2023 by Pulumi