AWS v6.77.1, Apr 18 25

AWS v6.77.1 published on Friday, Apr 18, 2025 by Pulumi

aws.organizations.Organization

Explore with Pulumi AI

AWS v6.77.1 published on Friday, Apr 18, 2025 by Pulumi

!> WARNING: When migrating from a feature_set of CONSOLIDATED_BILLING to ALL, the Organization account owner will received an email stating the following: “You started the process to enable all features for your AWS organization. As part of that process, all member accounts that joined your organization by invitation must approve the change. You don’t need approval from member accounts that you directly created from within your AWS organization.” After all member accounts have accepted the invitation, the Organization account owner must then finalize the changes via the AWS Console. Until these steps are performed, the provider will perpetually show a difference, and the DescribeOrganization API will continue to show the FeatureSet as CONSOLIDATED_BILLING. See the AWS Organizations documentation for more information.

!> WARNING: Warning from the AWS Docs: “We recommend that you enable integration between AWS Organizations and the specified AWS service by using the console or commands that are provided by the specified service. Doing so ensures that the service is aware that it can create the resources that are required for the integration. How the service creates those resources in the organization’s accounts depends on that service. For more information, see the documentation for the other AWS service.”

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const org = new aws.organizations.Organization("org", {
    awsServiceAccessPrincipals: [
        "cloudtrail.amazonaws.com",
        "config.amazonaws.com",
    ],
    featureSet: "ALL",
});

import pulumi
import pulumi_aws as aws

org = aws.organizations.Organization("org",
    aws_service_access_principals=[
        "cloudtrail.amazonaws.com",
        "config.amazonaws.com",
    ],
    feature_set="ALL")

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewOrganization(ctx, "org", &organizations.OrganizationArgs{
			AwsServiceAccessPrincipals: pulumi.StringArray{
				pulumi.String("cloudtrail.amazonaws.com"),
				pulumi.String("config.amazonaws.com"),
			},
			FeatureSet: pulumi.String("ALL"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var org = new Aws.Organizations.Organization("org", new()
    {
        AwsServiceAccessPrincipals = new[]
        {
            "cloudtrail.amazonaws.com",
            "config.amazonaws.com",
        },
        FeatureSet = "ALL",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.organizations.Organization;
import com.pulumi.aws.organizations.OrganizationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var org = new Organization("org", OrganizationArgs.builder()
            .awsServiceAccessPrincipals(            
                "cloudtrail.amazonaws.com",
                "config.amazonaws.com")
            .featureSet("ALL")
            .build());

    }
}

resources:
  org:
    type: aws:organizations:Organization
    properties:
      awsServiceAccessPrincipals:
        - cloudtrail.amazonaws.com
        - config.amazonaws.com
      featureSet: ALL

Create Organization Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Organization(name: string, args?: OrganizationArgs, opts?: CustomResourceOptions);

@overload
def Organization(resource_name: str,
                 args: Optional[OrganizationArgs] = None,
                 opts: Optional[ResourceOptions] = None)

@overload
def Organization(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 aws_service_access_principals: Optional[Sequence[str]] = None,
                 enabled_policy_types: Optional[Sequence[str]] = None,
                 feature_set: Optional[str] = None)

func NewOrganization(ctx *Context, name string, args *OrganizationArgs, opts ...ResourceOption) (*Organization, error)

public Organization(string name, OrganizationArgs? args = null, CustomResourceOptions? opts = null)

public Organization(String name, OrganizationArgs args)
public Organization(String name, OrganizationArgs args, CustomResourceOptions options)

type: aws:organizations:Organization
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args OrganizationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args OrganizationArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args OrganizationArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args OrganizationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args OrganizationArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var organizationResource = new Aws.Organizations.Organization("organizationResource", new()
{
    AwsServiceAccessPrincipals = new[]
    {
        "string",
    },
    EnabledPolicyTypes = new[]
    {
        "string",
    },
    FeatureSet = "string",
});

example, err := organizations.NewOrganization(ctx, "organizationResource", &organizations.OrganizationArgs{
	AwsServiceAccessPrincipals: pulumi.StringArray{
		pulumi.String("string"),
	},
	EnabledPolicyTypes: pulumi.StringArray{
		pulumi.String("string"),
	},
	FeatureSet: pulumi.String("string"),
})

var organizationResource = new Organization("organizationResource", OrganizationArgs.builder()
    .awsServiceAccessPrincipals("string")
    .enabledPolicyTypes("string")
    .featureSet("string")
    .build());

organization_resource = aws.organizations.Organization("organizationResource",
    aws_service_access_principals=["string"],
    enabled_policy_types=["string"],
    feature_set="string")

const organizationResource = new aws.organizations.Organization("organizationResource", {
    awsServiceAccessPrincipals: ["string"],
    enabledPolicyTypes: ["string"],
    featureSet: "string",
});

type: aws:organizations:Organization
properties:
    awsServiceAccessPrincipals:
        - string
    enabledPolicyTypes:
        - string
    featureSet: string

Organization Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Organization resource accepts the following input properties:

AwsServiceAccessPrincipals List<string>: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
EnabledPolicyTypes List<string>: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
FeatureSet string: Specify "ALL" (default) or "CONSOLIDATED_BILLING".

AwsServiceAccessPrincipals []string: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
EnabledPolicyTypes []string: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
FeatureSet string: Specify "ALL" (default) or "CONSOLIDATED_BILLING".

awsServiceAccessPrincipals List<String>: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
enabledPolicyTypes List<String>: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
featureSet String: Specify "ALL" (default) or "CONSOLIDATED_BILLING".

awsServiceAccessPrincipals string[]: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
enabledPolicyTypes string[]: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
featureSet string: Specify "ALL" (default) or "CONSOLIDATED_BILLING".

aws_service_access_principals Sequence[str]: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
enabled_policy_types Sequence[str]: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
feature_set str: Specify "ALL" (default) or "CONSOLIDATED_BILLING".

awsServiceAccessPrincipals List<String>: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
enabledPolicyTypes List<String>: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
featureSet String: Specify "ALL" (default) or "CONSOLIDATED_BILLING".

Outputs

All input properties are implicitly available as output properties. Additionally, the Organization resource produces the following output properties:

Accounts List<OrganizationAccount>: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
Arn string: ARN of the root
Id string: The provider-assigned unique ID for this managed resource.
MasterAccountArn string: ARN of the master account
MasterAccountEmail string: Email address of the master account
MasterAccountId string: Identifier of the master account
MasterAccountName string: Name of the master account
NonMasterAccounts List<OrganizationNonMasterAccount>: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
Roots List<OrganizationRoot>: List of organization roots. All elements have these attributes:

Accounts []OrganizationAccount: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
Arn string: ARN of the root
Id string: The provider-assigned unique ID for this managed resource.
MasterAccountArn string: ARN of the master account
MasterAccountEmail string: Email address of the master account
MasterAccountId string: Identifier of the master account
MasterAccountName string: Name of the master account
NonMasterAccounts []OrganizationNonMasterAccount: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
Roots []OrganizationRoot: List of organization roots. All elements have these attributes:

accounts List<OrganizationAccount>: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn String: ARN of the root
id String: The provider-assigned unique ID for this managed resource.
masterAccountArn String: ARN of the master account
masterAccountEmail String: Email address of the master account
masterAccountId String: Identifier of the master account
masterAccountName String: Name of the master account
nonMasterAccounts List<OrganizationNonMasterAccount>: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots List<OrganizationRoot>: List of organization roots. All elements have these attributes:

accounts OrganizationAccount[]: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn string: ARN of the root
id string: The provider-assigned unique ID for this managed resource.
masterAccountArn string: ARN of the master account
masterAccountEmail string: Email address of the master account
masterAccountId string: Identifier of the master account
masterAccountName string: Name of the master account
nonMasterAccounts OrganizationNonMasterAccount[]: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots OrganizationRoot[]: List of organization roots. All elements have these attributes:

accounts Sequence[OrganizationAccount]: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn str: ARN of the root
id str: The provider-assigned unique ID for this managed resource.
master_account_arn str: ARN of the master account
master_account_email str: Email address of the master account
master_account_id str: Identifier of the master account
master_account_name str: Name of the master account
non_master_accounts Sequence[OrganizationNonMasterAccount]: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots Sequence[OrganizationRoot]: List of organization roots. All elements have these attributes:

accounts List<Property Map>: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn String: ARN of the root
id String: The provider-assigned unique ID for this managed resource.
masterAccountArn String: ARN of the master account
masterAccountEmail String: Email address of the master account
masterAccountId String: Identifier of the master account
masterAccountName String: Name of the master account
nonMasterAccounts List<Property Map>: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots List<Property Map>: List of organization roots. All elements have these attributes:

Look up Existing Organization Resource

Get an existing Organization resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: OrganizationState, opts?: CustomResourceOptions): Organization

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        accounts: Optional[Sequence[OrganizationAccountArgs]] = None,
        arn: Optional[str] = None,
        aws_service_access_principals: Optional[Sequence[str]] = None,
        enabled_policy_types: Optional[Sequence[str]] = None,
        feature_set: Optional[str] = None,
        master_account_arn: Optional[str] = None,
        master_account_email: Optional[str] = None,
        master_account_id: Optional[str] = None,
        master_account_name: Optional[str] = None,
        non_master_accounts: Optional[Sequence[OrganizationNonMasterAccountArgs]] = None,
        roots: Optional[Sequence[OrganizationRootArgs]] = None) -> Organization

func GetOrganization(ctx *Context, name string, id IDInput, state *OrganizationState, opts ...ResourceOption) (*Organization, error)

public static Organization Get(string name, Input<string> id, OrganizationState? state, CustomResourceOptions? opts = null)

public static Organization get(String name, Output<String> id, OrganizationState state, CustomResourceOptions options)

resources:  _:    type: aws:organizations:Organization    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Accounts List<OrganizationAccount>: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
Arn string: ARN of the root
AwsServiceAccessPrincipals List<string>: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
EnabledPolicyTypes List<string>: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
FeatureSet string: Specify "ALL" (default) or "CONSOLIDATED_BILLING".
MasterAccountArn string: ARN of the master account
MasterAccountEmail string: Email address of the master account
MasterAccountId string: Identifier of the master account
MasterAccountName string: Name of the master account
NonMasterAccounts List<OrganizationNonMasterAccount>: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
Roots List<OrganizationRoot>: List of organization roots. All elements have these attributes:

Accounts []OrganizationAccountArgs: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
Arn string: ARN of the root
AwsServiceAccessPrincipals []string: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
EnabledPolicyTypes []string: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
FeatureSet string: Specify "ALL" (default) or "CONSOLIDATED_BILLING".
MasterAccountArn string: ARN of the master account
MasterAccountEmail string: Email address of the master account
MasterAccountId string: Identifier of the master account
MasterAccountName string: Name of the master account
NonMasterAccounts []OrganizationNonMasterAccountArgs: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
Roots []OrganizationRootArgs: List of organization roots. All elements have these attributes:

accounts List<OrganizationAccount>: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn String: ARN of the root
awsServiceAccessPrincipals List<String>: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
enabledPolicyTypes List<String>: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
featureSet String: Specify "ALL" (default) or "CONSOLIDATED_BILLING".
masterAccountArn String: ARN of the master account
masterAccountEmail String: Email address of the master account
masterAccountId String: Identifier of the master account
masterAccountName String: Name of the master account
nonMasterAccounts List<OrganizationNonMasterAccount>: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots List<OrganizationRoot>: List of organization roots. All elements have these attributes:

accounts OrganizationAccount[]: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn string: ARN of the root
awsServiceAccessPrincipals string[]: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
enabledPolicyTypes string[]: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
featureSet string: Specify "ALL" (default) or "CONSOLIDATED_BILLING".
masterAccountArn string: ARN of the master account
masterAccountEmail string: Email address of the master account
masterAccountId string: Identifier of the master account
masterAccountName string: Name of the master account
nonMasterAccounts OrganizationNonMasterAccount[]: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots OrganizationRoot[]: List of organization roots. All elements have these attributes:

accounts Sequence[OrganizationAccountArgs]: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn str: ARN of the root
aws_service_access_principals Sequence[str]: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
enabled_policy_types Sequence[str]: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
feature_set str: Specify "ALL" (default) or "CONSOLIDATED_BILLING".
master_account_arn str: ARN of the master account
master_account_email str: Email address of the master account
master_account_id str: Identifier of the master account
master_account_name str: Name of the master account
non_master_accounts Sequence[OrganizationNonMasterAccountArgs]: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots Sequence[OrganizationRootArgs]: List of organization roots. All elements have these attributes:

accounts List<Property Map>: List of organization accounts including the master account. For a list excluding the master account, see the non_master_accounts attribute. All elements have these attributes:
arn String: ARN of the root
awsServiceAccessPrincipals List<String>: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs.
enabledPolicyTypes List<String>: List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, RESOURCE_CONTROL_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference.
featureSet String: Specify "ALL" (default) or "CONSOLIDATED_BILLING".
masterAccountArn String: ARN of the master account
masterAccountEmail String: Email address of the master account
masterAccountId String: Identifier of the master account
masterAccountName String: Name of the master account
nonMasterAccounts List<Property Map>: List of organization accounts excluding the master account. For a list including the master account, see the accounts attribute. All elements have these attributes:
roots List<Property Map>: List of organization roots. All elements have these attributes:

Supporting Types

OrganizationAccount, OrganizationAccountArgs

Arn string: ARN of the root
Email string: Email of the account
Id string: Identifier of the root
Name string: The name of the policy type
Status string: The status of the policy type as it relates to the associated root

Arn string: ARN of the root
Email string: Email of the account
Id string: Identifier of the root
Name string: The name of the policy type
Status string: The status of the policy type as it relates to the associated root

arn String: ARN of the root
email String: Email of the account
id String: Identifier of the root
name String: The name of the policy type
status String: The status of the policy type as it relates to the associated root

arn string: ARN of the root
email string: Email of the account
id string: Identifier of the root
name string: The name of the policy type
status string: The status of the policy type as it relates to the associated root

arn str: ARN of the root
email str: Email of the account
id str: Identifier of the root
name str: The name of the policy type
status str: The status of the policy type as it relates to the associated root

arn String: ARN of the root
email String: Email of the account
id String: Identifier of the root
name String: The name of the policy type
status String: The status of the policy type as it relates to the associated root

OrganizationNonMasterAccount, OrganizationNonMasterAccountArgs

Arn string: ARN of the root
Email string: Email of the account
Id string: Identifier of the root
Name string: The name of the policy type
Status string: The status of the policy type as it relates to the associated root

Arn string: ARN of the root
Email string: Email of the account
Id string: Identifier of the root
Name string: The name of the policy type
Status string: The status of the policy type as it relates to the associated root

arn String: ARN of the root
email String: Email of the account
id String: Identifier of the root
name String: The name of the policy type
status String: The status of the policy type as it relates to the associated root

arn string: ARN of the root
email string: Email of the account
id string: Identifier of the root
name string: The name of the policy type
status string: The status of the policy type as it relates to the associated root

arn str: ARN of the root
email str: Email of the account
id str: Identifier of the root
name str: The name of the policy type
status str: The status of the policy type as it relates to the associated root

arn String: ARN of the root
email String: Email of the account
id String: Identifier of the root
name String: The name of the policy type
status String: The status of the policy type as it relates to the associated root

OrganizationRoot, OrganizationRootArgs

Arn string: ARN of the root
Id string: Identifier of the root
Name string: The name of the policy type
PolicyTypes List<OrganizationRootPolicyType>: List of policy types enabled for this root. All elements have these attributes:

Arn string: ARN of the root
Id string: Identifier of the root
Name string: The name of the policy type
PolicyTypes []OrganizationRootPolicyType: List of policy types enabled for this root. All elements have these attributes:

arn String: ARN of the root
id String: Identifier of the root
name String: The name of the policy type
policyTypes List<OrganizationRootPolicyType>: List of policy types enabled for this root. All elements have these attributes:

arn string: ARN of the root
id string: Identifier of the root
name string: The name of the policy type
policyTypes OrganizationRootPolicyType[]: List of policy types enabled for this root. All elements have these attributes:

arn str: ARN of the root
id str: Identifier of the root
name str: The name of the policy type
policy_types Sequence[OrganizationRootPolicyType]: List of policy types enabled for this root. All elements have these attributes:

arn String: ARN of the root
id String: Identifier of the root
name String: The name of the policy type
policyTypes List<Property Map>: List of policy types enabled for this root. All elements have these attributes:

OrganizationRootPolicyType, OrganizationRootPolicyTypeArgs

Status string: The status of the policy type as it relates to the associated root
Type string

Status string: The status of the policy type as it relates to the associated root
Type string

status String: The status of the policy type as it relates to the associated root
type String

status string: The status of the policy type as it relates to the associated root
type string

status str: The status of the policy type as it relates to the associated root
type str

status String: The status of the policy type as it relates to the associated root
type String

Import

Using pulumi import, import the AWS organization using the id. For example:

$ pulumi import aws:organizations/organization:Organization my_org o-1234567

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

AWS v6.77.1 published on Friday, Apr 18, 2025 by Pulumi

pulumi/pulumi-aws

aws.organizations.Organization

On this page

On this page

Example Usage

Create Organization Resource

Constructor syntax

Parameters

Constructor example

Organization Resource Properties

Inputs

Outputs

Look up Existing Organization Resource

Supporting Types

OrganizationAccount, OrganizationAccountArgs

OrganizationNonMasterAccount, OrganizationNonMasterAccountArgs

OrganizationRoot, OrganizationRootArgs

OrganizationRootPolicyType, OrganizationRootPolicyTypeArgs

Import

Package Details

On this page

On this page