Docs Home
dome9 1.40.3 published on Monday, Apr 14, 2025 by dome9
dome9.AwsOrganizationOnboarding
Explore with Pulumi AI
Connect an AWS organization to CloudGuard in one quick process.
Example Usage
Basic usage:
import * as pulumi from "@pulumi/pulumi";
import * as dome9 from "@pulumi/dome9";
const test = new dome9.AwsOrganizationOnboarding("test", {
awsOrganizationName: "AWS_ORG_NAME",
roleArn: "ROLE_ARN",
secret: "SECRET",
stackSetArn: "STACK_SET_ARN",
});
import pulumi
import pulumi_dome9 as dome9
test = dome9.AwsOrganizationOnboarding("test",
aws_organization_name="AWS_ORG_NAME",
role_arn="ROLE_ARN",
secret="SECRET",
stack_set_arn="STACK_SET_ARN")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/dome9/dome9"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := dome9.NewAwsOrganizationOnboarding(ctx, "test", &dome9.AwsOrganizationOnboardingArgs{
AwsOrganizationName: pulumi.String("AWS_ORG_NAME"),
RoleArn: pulumi.String("ROLE_ARN"),
Secret: pulumi.String("SECRET"),
StackSetArn: pulumi.String("STACK_SET_ARN"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dome9 = Pulumi.Dome9;
return await Deployment.RunAsync(() =>
{
var test = new Dome9.AwsOrganizationOnboarding("test", new()
{
AwsOrganizationName = "AWS_ORG_NAME",
RoleArn = "ROLE_ARN",
Secret = "SECRET",
StackSetArn = "STACK_SET_ARN",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dome9.AwsOrganizationOnboarding;
import com.pulumi.dome9.AwsOrganizationOnboardingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new AwsOrganizationOnboarding("test", AwsOrganizationOnboardingArgs.builder()
.awsOrganizationName("AWS_ORG_NAME")
.roleArn("ROLE_ARN")
.secret("SECRET")
.stackSetArn("STACK_SET_ARN")
.build());
}
}
resources:
test:
type: dome9:AwsOrganizationOnboarding
properties:
awsOrganizationName: AWS_ORG_NAME
roleArn: ROLE_ARN
secret: SECRET
stackSetArn: STACK_SET_ARN
Advanced usage:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as dome9 from "@pulumi/dome9";
const exampleAwsOrganizationOnboardingManagementStack = dome9.getAwsOrganizationOnboardingManagementStack({
awsAccountId: "AWS_MANAGEMENT_ACCOUNT_ID",
});
const exampleStack = new aws.index.Aws_cloudformation_stack("exampleStack", {
name: "stack-name",
templateUrl: exampleAwsOrganizationOnboardingManagementStack.managementCftUrl,
parameters: {
ExternalId: exampleAwsOrganizationOnboardingManagementStack.externalId,
},
capabilities: ["CAPABILITY_NAMED_IAM"],
});
const exampleMemberAccountConfiguration = dome9.getAwsOrganizationOnboardingMemberAccountConfiguration({});
const exampleStackSet = new aws.index.Aws_cloudformation_stack_set("exampleStackSet", {
name: "STACK-SET-NAME",
description: "STACK-SET-DESCRIPTION",
templateUrl: exampleMemberAccountConfiguration.onboardingCftUrl,
parameters: {
ExternalId: exampleMemberAccountConfiguration.externalId,
},
capabilities: ["CAPABILITY_NAMED_IAM"],
permissionModel: "SERVICE_MANAGED",
autoDeployment: [{
enabled: true,
retainStacksOnAccountRemoval: false,
}],
});
const exampleaws_cloudformation_stack_set_instance = new aws.index.Aws_cloudformation_stack_set_instance("exampleaws_cloudformation_stack_set_instance", {
region: "AWS-REGION",
stackSetName: exampleStackSet.name,
deploymentTargets: [{
organizationalUnitIds: ["AWS-OU-ID"],
}],
});
const test = new dome9.AwsOrganizationOnboarding("test", {
roleArn: resource.aws_cloudformation_stack.example_stack.outputs.CrossAccountRoleArn,
secret: exampleAwsOrganizationOnboardingManagementStack.then(exampleAwsOrganizationOnboardingManagementStack => exampleAwsOrganizationOnboardingManagementStack.externalId),
stackSetArn: resource.aws_cloudformation_stack_set.example_stack_set.arn,
awsOrganizationName: "AWS_ORG_NAME",
});
import pulumi
import pulumi_aws as aws
import pulumi_dome9 as dome9
example_aws_organization_onboarding_management_stack = dome9.get_aws_organization_onboarding_management_stack(aws_account_id="AWS_MANAGEMENT_ACCOUNT_ID")
example_stack = aws.index.Aws_cloudformation_stack("exampleStack",
name=stack-name,
template_url=example_aws_organization_onboarding_management_stack.management_cft_url,
parameters={
ExternalId: example_aws_organization_onboarding_management_stack.external_id,
},
capabilities=[CAPABILITY_NAMED_IAM])
example_member_account_configuration = dome9.get_aws_organization_onboarding_member_account_configuration()
example_stack_set = aws.index.Aws_cloudformation_stack_set("exampleStackSet",
name=STACK-SET-NAME,
description=STACK-SET-DESCRIPTION,
template_url=example_member_account_configuration.onboarding_cft_url,
parameters={
ExternalId: example_member_account_configuration.external_id,
},
capabilities=[CAPABILITY_NAMED_IAM],
permission_model=SERVICE_MANAGED,
auto_deployment=[{
enabled: True,
retainStacksOnAccountRemoval: False,
}])
exampleaws_cloudformation_stack_set_instance = aws.index.Aws_cloudformation_stack_set_instance("exampleaws_cloudformation_stack_set_instance",
region=AWS-REGION,
stack_set_name=example_stack_set.name,
deployment_targets=[{
organizationalUnitIds: [AWS-OU-ID],
}])
test = dome9.AwsOrganizationOnboarding("test",
role_arn=resource["aws_cloudformation_stack"]["example_stack"]["outputs"]["CrossAccountRoleArn"],
secret=example_aws_organization_onboarding_management_stack.external_id,
stack_set_arn=resource["aws_cloudformation_stack_set"]["example_stack_set"]["arn"],
aws_organization_name="AWS_ORG_NAME")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/go/aws"
"github.com/pulumi/pulumi-terraform-provider/sdks/go/dome9/dome9"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleAwsOrganizationOnboardingManagementStack, err := dome9.GetAwsOrganizationOnboardingManagementStack(ctx, &dome9.GetAwsOrganizationOnboardingManagementStackArgs{
AwsAccountId: "AWS_MANAGEMENT_ACCOUNT_ID",
}, nil)
if err != nil {
return err
}
_, err = aws.NewAws_cloudformation_stack(ctx, "exampleStack", &aws.Aws_cloudformation_stackArgs{
Name: "stack-name",
TemplateUrl: exampleAwsOrganizationOnboardingManagementStack.ManagementCftUrl,
Parameters: map[string]interface{}{
"ExternalId": exampleAwsOrganizationOnboardingManagementStack.ExternalId,
},
Capabilities: []string{
"CAPABILITY_NAMED_IAM",
},
})
if err != nil {
return err
}
exampleMemberAccountConfiguration, err := dome9.GetAwsOrganizationOnboardingMemberAccountConfiguration(ctx, &dome9.GetAwsOrganizationOnboardingMemberAccountConfigurationArgs{}, nil)
if err != nil {
return err
}
exampleStackSet, err := aws.NewAws_cloudformation_stack_set(ctx, "exampleStackSet", &aws.Aws_cloudformation_stack_setArgs{
Name: "STACK-SET-NAME",
Description: "STACK-SET-DESCRIPTION",
TemplateUrl: exampleMemberAccountConfiguration.OnboardingCftUrl,
Parameters: map[string]interface{}{
"ExternalId": exampleMemberAccountConfiguration.ExternalId,
},
Capabilities: []string{
"CAPABILITY_NAMED_IAM",
},
PermissionModel: "SERVICE_MANAGED",
AutoDeployment: []map[string]interface{}{
map[string]interface{}{
"enabled": true,
"retainStacksOnAccountRemoval": false,
},
},
})
if err != nil {
return err
}
_, err = aws.NewAws_cloudformation_stack_set_instance(ctx, "exampleaws_cloudformation_stack_set_instance", &aws.Aws_cloudformation_stack_set_instanceArgs{
Region: "AWS-REGION",
StackSetName: exampleStackSet.Name,
DeploymentTargets: []map[string]interface{}{
map[string]interface{}{
"organizationalUnitIds": []string{
"AWS-OU-ID",
},
},
},
})
if err != nil {
return err
}
_, err = dome9.NewAwsOrganizationOnboarding(ctx, "test", &dome9.AwsOrganizationOnboardingArgs{
RoleArn: pulumi.Any(resource.Aws_cloudformation_stack.Example_stack.Outputs.CrossAccountRoleArn),
Secret: pulumi.String(exampleAwsOrganizationOnboardingManagementStack.ExternalId),
StackSetArn: pulumi.Any(resource.Aws_cloudformation_stack_set.Example_stack_set.Arn),
AwsOrganizationName: pulumi.String("AWS_ORG_NAME"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
using Dome9 = Pulumi.Dome9;
return await Deployment.RunAsync(() =>
{
var exampleAwsOrganizationOnboardingManagementStack = Dome9.GetAwsOrganizationOnboardingManagementStack.Invoke(new()
{
AwsAccountId = "AWS_MANAGEMENT_ACCOUNT_ID",
});
var exampleStack = new Aws.Index.Aws_cloudformation_stack("exampleStack", new()
{
Name = "stack-name",
TemplateUrl = exampleAwsOrganizationOnboardingManagementStack.Apply(getAwsOrganizationOnboardingManagementStackResult => getAwsOrganizationOnboardingManagementStackResult.ManagementCftUrl),
Parameters =
{
{ "ExternalId", exampleAwsOrganizationOnboardingManagementStack.Apply(getAwsOrganizationOnboardingManagementStackResult => getAwsOrganizationOnboardingManagementStackResult.ExternalId) },
},
Capabilities = new[]
{
"CAPABILITY_NAMED_IAM",
},
});
var exampleMemberAccountConfiguration = Dome9.GetAwsOrganizationOnboardingMemberAccountConfiguration.Invoke();
var exampleStackSet = new Aws.Index.Aws_cloudformation_stack_set("exampleStackSet", new()
{
Name = "STACK-SET-NAME",
Description = "STACK-SET-DESCRIPTION",
TemplateUrl = exampleMemberAccountConfiguration.Apply(getAwsOrganizationOnboardingMemberAccountConfigurationResult => getAwsOrganizationOnboardingMemberAccountConfigurationResult.OnboardingCftUrl),
Parameters =
{
{ "ExternalId", exampleMemberAccountConfiguration.Apply(getAwsOrganizationOnboardingMemberAccountConfigurationResult => getAwsOrganizationOnboardingMemberAccountConfigurationResult.ExternalId) },
},
Capabilities = new[]
{
"CAPABILITY_NAMED_IAM",
},
PermissionModel = "SERVICE_MANAGED",
AutoDeployment = new[]
{
{
{ "enabled", true },
{ "retainStacksOnAccountRemoval", false },
},
},
});
var exampleaws_cloudformation_stack_set_instance = new Aws.Index.Aws_cloudformation_stack_set_instance("exampleaws_cloudformation_stack_set_instance", new()
{
Region = "AWS-REGION",
StackSetName = exampleStackSet.Name,
DeploymentTargets = new[]
{
{
{ "organizationalUnitIds", new[]
{
"AWS-OU-ID",
} },
},
},
});
var test = new Dome9.AwsOrganizationOnboarding("test", new()
{
RoleArn = resource.Aws_cloudformation_stack.Example_stack.Outputs.CrossAccountRoleArn,
Secret = exampleAwsOrganizationOnboardingManagementStack.Apply(getAwsOrganizationOnboardingManagementStackResult => getAwsOrganizationOnboardingManagementStackResult.ExternalId),
StackSetArn = resource.Aws_cloudformation_stack_set.Example_stack_set.Arn,
AwsOrganizationName = "AWS_ORG_NAME",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dome9.Dome9Functions;
import com.pulumi.dome9.inputs.GetAwsOrganizationOnboardingManagementStackArgs;
import com.pulumi.aws.aws_cloudformation_stack;
import com.pulumi.aws.Aws_cloudformation_stackArgs;
import com.pulumi.dome9.inputs.GetAwsOrganizationOnboardingMemberAccountConfigurationArgs;
import com.pulumi.aws.aws_cloudformation_stack_set;
import com.pulumi.aws.Aws_cloudformation_stack_setArgs;
import com.pulumi.aws.aws_cloudformation_stack_set_instance;
import com.pulumi.aws.Aws_cloudformation_stack_set_instanceArgs;
import com.pulumi.dome9.AwsOrganizationOnboarding;
import com.pulumi.dome9.AwsOrganizationOnboardingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var exampleAwsOrganizationOnboardingManagementStack = Dome9Functions.getAwsOrganizationOnboardingManagementStack(GetAwsOrganizationOnboardingManagementStackArgs.builder()
.awsAccountId("AWS_MANAGEMENT_ACCOUNT_ID")
.build());
var exampleStack = new Aws_cloudformation_stack("exampleStack", Aws_cloudformation_stackArgs.builder()
.name("stack-name")
.templateUrl(exampleAwsOrganizationOnboardingManagementStack.applyValue(getAwsOrganizationOnboardingManagementStackResult -> getAwsOrganizationOnboardingManagementStackResult.managementCftUrl()))
.parameters(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.capabilities("CAPABILITY_NAMED_IAM")
.build());
final var exampleMemberAccountConfiguration = Dome9Functions.getAwsOrganizationOnboardingMemberAccountConfiguration();
var exampleStackSet = new Aws_cloudformation_stack_set("exampleStackSet", Aws_cloudformation_stack_setArgs.builder()
.name("STACK-SET-NAME")
.description("STACK-SET-DESCRIPTION")
.templateUrl(exampleMemberAccountConfiguration.applyValue(getAwsOrganizationOnboardingMemberAccountConfigurationResult -> getAwsOrganizationOnboardingMemberAccountConfigurationResult.onboardingCftUrl()))
.parameters(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.capabilities("CAPABILITY_NAMED_IAM")
.permissionModel("SERVICE_MANAGED")
.autoDeployment(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.build());
var exampleaws_cloudformation_stack_set_instance = new Aws_cloudformation_stack_set_instance("exampleaws_cloudformation_stack_set_instance", Aws_cloudformation_stack_set_instanceArgs.builder()
.region("AWS-REGION")
.stackSetName(exampleStackSet.name())
.deploymentTargets(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.build());
var test = new AwsOrganizationOnboarding("test", AwsOrganizationOnboardingArgs.builder()
.roleArn(resource.aws_cloudformation_stack().example_stack().outputs().CrossAccountRoleArn())
.secret(exampleAwsOrganizationOnboardingManagementStack.applyValue(getAwsOrganizationOnboardingManagementStackResult -> getAwsOrganizationOnboardingManagementStackResult.externalId()))
.stackSetArn(resource.aws_cloudformation_stack_set().example_stack_set().arn())
.awsOrganizationName("AWS_ORG_NAME")
.build());
}
}
resources:
exampleStack:
type: aws:aws_cloudformation_stack
properties:
name: stack-name
templateUrl: ${exampleAwsOrganizationOnboardingManagementStack.managementCftUrl}
parameters:
ExternalId: ${exampleAwsOrganizationOnboardingManagementStack.externalId}
capabilities:
- CAPABILITY_NAMED_IAM
exampleStackSet:
type: aws:aws_cloudformation_stack_set
properties:
name: STACK-SET-NAME
description: STACK-SET-DESCRIPTION
templateUrl: ${exampleMemberAccountConfiguration.onboardingCftUrl}
parameters:
ExternalId: ${exampleMemberAccountConfiguration.externalId}
capabilities:
- CAPABILITY_NAMED_IAM
permissionModel: SERVICE_MANAGED
autoDeployment:
- enabled: true
retainStacksOnAccountRemoval: false
exampleaws_cloudformation_stack_set_instance:
type: aws:aws_cloudformation_stack_set_instance
properties:
region: AWS-REGION
stackSetName: ${exampleStackSet.name}
deploymentTargets:
- organizationalUnitIds:
- AWS-OU-ID
test:
type: dome9:AwsOrganizationOnboarding
properties:
roleArn: ${resource.aws_cloudformation_stack.example_stack.outputs.CrossAccountRoleArn}
secret: ${exampleAwsOrganizationOnboardingManagementStack.externalId}
stackSetArn: ${resource.aws_cloudformation_stack_set.example_stack_set.arn}
awsOrganizationName: AWS_ORG_NAME
variables:
exampleAwsOrganizationOnboardingManagementStack:
fn::invoke:
function: dome9:getAwsOrganizationOnboardingManagementStack
arguments:
awsAccountId: AWS_MANAGEMENT_ACCOUNT_ID
exampleMemberAccountConfiguration:
fn::invoke:
function: dome9:getAwsOrganizationOnboardingMemberAccountConfiguration
arguments: {}
Create AwsOrganizationOnboarding Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AwsOrganizationOnboarding(name: string, args: AwsOrganizationOnboardingArgs, opts?: CustomResourceOptions);@overload
def AwsOrganizationOnboarding(resource_name: str,
args: AwsOrganizationOnboardingArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AwsOrganizationOnboarding(resource_name: str,
opts: Optional[ResourceOptions] = None,
role_arn: Optional[str] = None,
secret: Optional[str] = None,
stack_set_arn: Optional[str] = None,
api_key: Optional[str] = None,
aws_organization_name: Optional[str] = None,
aws_organization_onboarding_id: Optional[str] = None,
enable_stack_modify: Optional[bool] = None,
type: Optional[str] = None)func NewAwsOrganizationOnboarding(ctx *Context, name string, args AwsOrganizationOnboardingArgs, opts ...ResourceOption) (*AwsOrganizationOnboarding, error)public AwsOrganizationOnboarding(string name, AwsOrganizationOnboardingArgs args, CustomResourceOptions? opts = null)
public AwsOrganizationOnboarding(String name, AwsOrganizationOnboardingArgs args)
public AwsOrganizationOnboarding(String name, AwsOrganizationOnboardingArgs args, CustomResourceOptions options)
type: dome9:AwsOrganizationOnboarding
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AwsOrganizationOnboardingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AwsOrganizationOnboardingArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AwsOrganizationOnboardingArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AwsOrganizationOnboardingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AwsOrganizationOnboardingArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var awsOrganizationOnboardingResource = new Dome9.AwsOrganizationOnboarding("awsOrganizationOnboardingResource", new()
{
RoleArn = "string",
Secret = "string",
StackSetArn = "string",
ApiKey = "string",
AwsOrganizationName = "string",
AwsOrganizationOnboardingId = "string",
EnableStackModify = false,
Type = "string",
});
example, err := dome9.NewAwsOrganizationOnboarding(ctx, "awsOrganizationOnboardingResource", &dome9.AwsOrganizationOnboardingArgs{
RoleArn: pulumi.String("string"),
Secret: pulumi.String("string"),
StackSetArn: pulumi.String("string"),
ApiKey: pulumi.String("string"),
AwsOrganizationName: pulumi.String("string"),
AwsOrganizationOnboardingId: pulumi.String("string"),
EnableStackModify: pulumi.Bool(false),
Type: pulumi.String("string"),
})
var awsOrganizationOnboardingResource = new AwsOrganizationOnboarding("awsOrganizationOnboardingResource", AwsOrganizationOnboardingArgs.builder()
.roleArn("string")
.secret("string")
.stackSetArn("string")
.apiKey("string")
.awsOrganizationName("string")
.awsOrganizationOnboardingId("string")
.enableStackModify(false)
.type("string")
.build());
aws_organization_onboarding_resource = dome9.AwsOrganizationOnboarding("awsOrganizationOnboardingResource",
role_arn="string",
secret="string",
stack_set_arn="string",
api_key="string",
aws_organization_name="string",
aws_organization_onboarding_id="string",
enable_stack_modify=False,
type="string")
const awsOrganizationOnboardingResource = new dome9.AwsOrganizationOnboarding("awsOrganizationOnboardingResource", {
roleArn: "string",
secret: "string",
stackSetArn: "string",
apiKey: "string",
awsOrganizationName: "string",
awsOrganizationOnboardingId: "string",
enableStackModify: false,
type: "string",
});
type: dome9:AwsOrganizationOnboarding
properties:
apiKey: string
awsOrganizationName: string
awsOrganizationOnboardingId: string
enableStackModify: false
roleArn: string
secret: string
stackSetArn: string
type: string
AwsOrganizationOnboarding Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AwsOrganizationOnboarding resource accepts the following input properties:
- Role
Arn string - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- Secret string
- Stack
Set stringArn - The created StackSet ARN.
- Api
Key string - API key, needed only for 'UserBased' type.
- Aws
Organization stringName - Organization name in CloudGuard.
- Aws
Organization stringOnboarding Id - Enable
Stack boolModify - Boolean flag to enable stack modification. Default is false.
- Type string
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased.
- Role
Arn string - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- Secret string
- Stack
Set stringArn - The created StackSet ARN.
- Api
Key string - API key, needed only for 'UserBased' type.
- Aws
Organization stringName - Organization name in CloudGuard.
- Aws
Organization stringOnboarding Id - Enable
Stack boolModify - Boolean flag to enable stack modification. Default is false.
- Type string
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased.
- role
Arn String - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- secret String
- stack
Set StringArn - The created StackSet ARN.
- api
Key String - API key, needed only for 'UserBased' type.
- aws
Organization StringName - Organization name in CloudGuard.
- aws
Organization StringOnboarding Id - enable
Stack BooleanModify - Boolean flag to enable stack modification. Default is false.
- type String
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased.
- role
Arn string - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- secret string
- stack
Set stringArn - The created StackSet ARN.
- api
Key string - API key, needed only for 'UserBased' type.
- aws
Organization stringName - Organization name in CloudGuard.
- aws
Organization stringOnboarding Id - enable
Stack booleanModify - Boolean flag to enable stack modification. Default is false.
- type string
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased.
- role_
arn str - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- secret str
- stack_
set_ strarn - The created StackSet ARN.
- api_
key str - API key, needed only for 'UserBased' type.
- aws_
organization_ strname - Organization name in CloudGuard.
- aws_
organization_ stronboarding_ id - enable_
stack_ boolmodify - Boolean flag to enable stack modification. Default is false.
- type str
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased.
- role
Arn String - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- secret String
- stack
Set StringArn - The created StackSet ARN.
- api
Key String - API key, needed only for 'UserBased' type.
- aws
Organization StringName - Organization name in CloudGuard.
- aws
Organization StringOnboarding Id - enable
Stack BooleanModify - Boolean flag to enable stack modification. Default is false.
- type String
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased.
Outputs
All input properties are implicitly available as output properties. Additionally, the AwsOrganizationOnboarding resource produces the following output properties:
- Account
Id double - CloudGuard account ID.
- Creation
Time string - Creation time of the organization.
- External
Management stringAccount Id - External
Organization stringId - External management account ID (Account ID in AWS).
- Id string
- The provider-assigned unique ID for this managed resource.
- Management
Account stringStack Id - Management account stack ID.
- Management
Account stringStack Region - Management account stack region.
- Onboarding
Configuration Dictionary<string, string> - Onboarding configuration.
- Organization
Name string - Organization name in CloudGuard.
- Stack
Set List<string>Organizational Unit Ids - List of organization root ID or organizational unit (OU) IDs.
- Stack
Set List<string>Regions - List of AWS regions the StackSet has stack instances deployed in.
- Update
Time string - last update time of the stackSet.
- User
Id double - CloudGuard user ID.
- Account
Id float64 - CloudGuard account ID.
- Creation
Time string - Creation time of the organization.
- External
Management stringAccount Id - External
Organization stringId - External management account ID (Account ID in AWS).
- Id string
- The provider-assigned unique ID for this managed resource.
- Management
Account stringStack Id - Management account stack ID.
- Management
Account stringStack Region - Management account stack region.
- Onboarding
Configuration map[string]string - Onboarding configuration.
- Organization
Name string - Organization name in CloudGuard.
- Stack
Set []stringOrganizational Unit Ids - List of organization root ID or organizational unit (OU) IDs.
- Stack
Set []stringRegions - List of AWS regions the StackSet has stack instances deployed in.
- Update
Time string - last update time of the stackSet.
- User
Id float64 - CloudGuard user ID.
- account
Id Double - CloudGuard account ID.
- creation
Time String - Creation time of the organization.
- external
Management StringAccount Id - external
Organization StringId - External management account ID (Account ID in AWS).
- id String
- The provider-assigned unique ID for this managed resource.
- management
Account StringStack Id - Management account stack ID.
- management
Account StringStack Region - Management account stack region.
- onboarding
Configuration Map<String,String> - Onboarding configuration.
- organization
Name String - Organization name in CloudGuard.
- stack
Set List<String>Organizational Unit Ids - List of organization root ID or organizational unit (OU) IDs.
- stack
Set List<String>Regions - List of AWS regions the StackSet has stack instances deployed in.
- update
Time String - last update time of the stackSet.
- user
Id Double - CloudGuard user ID.
- account
Id number - CloudGuard account ID.
- creation
Time string - Creation time of the organization.
- external
Management stringAccount Id - external
Organization stringId - External management account ID (Account ID in AWS).
- id string
- The provider-assigned unique ID for this managed resource.
- management
Account stringStack Id - Management account stack ID.
- management
Account stringStack Region - Management account stack region.
- onboarding
Configuration {[key: string]: string} - Onboarding configuration.
- organization
Name string - Organization name in CloudGuard.
- stack
Set string[]Organizational Unit Ids - List of organization root ID or organizational unit (OU) IDs.
- stack
Set string[]Regions - List of AWS regions the StackSet has stack instances deployed in.
- update
Time string - last update time of the stackSet.
- user
Id number - CloudGuard user ID.
- account_
id float - CloudGuard account ID.
- creation_
time str - Creation time of the organization.
- external_
management_ straccount_ id - external_
organization_ strid - External management account ID (Account ID in AWS).
- id str
- The provider-assigned unique ID for this managed resource.
- management_
account_ strstack_ id - Management account stack ID.
- management_
account_ strstack_ region - Management account stack region.
- onboarding_
configuration Mapping[str, str] - Onboarding configuration.
- organization_
name str - Organization name in CloudGuard.
- stack_
set_ Sequence[str]organizational_ unit_ ids - List of organization root ID or organizational unit (OU) IDs.
- stack_
set_ Sequence[str]regions - List of AWS regions the StackSet has stack instances deployed in.
- update_
time str - last update time of the stackSet.
- user_
id float - CloudGuard user ID.
- account
Id Number - CloudGuard account ID.
- creation
Time String - Creation time of the organization.
- external
Management StringAccount Id - external
Organization StringId - External management account ID (Account ID in AWS).
- id String
- The provider-assigned unique ID for this managed resource.
- management
Account StringStack Id - Management account stack ID.
- management
Account StringStack Region - Management account stack region.
- onboarding
Configuration Map<String> - Onboarding configuration.
- organization
Name String - Organization name in CloudGuard.
- stack
Set List<String>Organizational Unit Ids - List of organization root ID or organizational unit (OU) IDs.
- stack
Set List<String>Regions - List of AWS regions the StackSet has stack instances deployed in.
- update
Time String - last update time of the stackSet.
- user
Id Number - CloudGuard user ID.
Look up Existing AwsOrganizationOnboarding Resource
Get an existing AwsOrganizationOnboarding resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AwsOrganizationOnboardingState, opts?: CustomResourceOptions): AwsOrganizationOnboarding@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[float] = None,
api_key: Optional[str] = None,
aws_organization_name: Optional[str] = None,
aws_organization_onboarding_id: Optional[str] = None,
creation_time: Optional[str] = None,
enable_stack_modify: Optional[bool] = None,
external_management_account_id: Optional[str] = None,
external_organization_id: Optional[str] = None,
management_account_stack_id: Optional[str] = None,
management_account_stack_region: Optional[str] = None,
onboarding_configuration: Optional[Mapping[str, str]] = None,
organization_name: Optional[str] = None,
role_arn: Optional[str] = None,
secret: Optional[str] = None,
stack_set_arn: Optional[str] = None,
stack_set_organizational_unit_ids: Optional[Sequence[str]] = None,
stack_set_regions: Optional[Sequence[str]] = None,
type: Optional[str] = None,
update_time: Optional[str] = None,
user_id: Optional[float] = None) -> AwsOrganizationOnboardingfunc GetAwsOrganizationOnboarding(ctx *Context, name string, id IDInput, state *AwsOrganizationOnboardingState, opts ...ResourceOption) (*AwsOrganizationOnboarding, error)public static AwsOrganizationOnboarding Get(string name, Input<string> id, AwsOrganizationOnboardingState? state, CustomResourceOptions? opts = null)public static AwsOrganizationOnboarding get(String name, Output<String> id, AwsOrganizationOnboardingState state, CustomResourceOptions options)resources: _: type: dome9:AwsOrganizationOnboarding get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id double - CloudGuard account ID.
- Api
Key string - API key, needed only for 'UserBased' type.
- Aws
Organization stringName - Organization name in CloudGuard.
- Aws
Organization stringOnboarding Id - Creation
Time string - Creation time of the organization.
- Enable
Stack boolModify - Boolean flag to enable stack modification. Default is false.
- External
Management stringAccount Id - External
Organization stringId - External management account ID (Account ID in AWS).
- Management
Account stringStack Id - Management account stack ID.
- Management
Account stringStack Region - Management account stack region.
- Onboarding
Configuration Dictionary<string, string> - Onboarding configuration.
- Organization
Name string - Organization name in CloudGuard.
- Role
Arn string - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- Secret string
- Stack
Set stringArn - The created StackSet ARN.
- Stack
Set List<string>Organizational Unit Ids - List of organization root ID or organizational unit (OU) IDs.
- Stack
Set List<string>Regions - List of AWS regions the StackSet has stack instances deployed in.
- Type string
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased. - Update
Time string - last update time of the stackSet.
- User
Id double - CloudGuard user ID.
- Account
Id float64 - CloudGuard account ID.
- Api
Key string - API key, needed only for 'UserBased' type.
- Aws
Organization stringName - Organization name in CloudGuard.
- Aws
Organization stringOnboarding Id - Creation
Time string - Creation time of the organization.
- Enable
Stack boolModify - Boolean flag to enable stack modification. Default is false.
- External
Management stringAccount Id - External
Organization stringId - External management account ID (Account ID in AWS).
- Management
Account stringStack Id - Management account stack ID.
- Management
Account stringStack Region - Management account stack region.
- Onboarding
Configuration map[string]string - Onboarding configuration.
- Organization
Name string - Organization name in CloudGuard.
- Role
Arn string - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- Secret string
- Stack
Set stringArn - The created StackSet ARN.
- Stack
Set []stringOrganizational Unit Ids - List of organization root ID or organizational unit (OU) IDs.
- Stack
Set []stringRegions - List of AWS regions the StackSet has stack instances deployed in.
- Type string
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased. - Update
Time string - last update time of the stackSet.
- User
Id float64 - CloudGuard user ID.
- account
Id Double - CloudGuard account ID.
- api
Key String - API key, needed only for 'UserBased' type.
- aws
Organization StringName - Organization name in CloudGuard.
- aws
Organization StringOnboarding Id - creation
Time String - Creation time of the organization.
- enable
Stack BooleanModify - Boolean flag to enable stack modification. Default is false.
- external
Management StringAccount Id - external
Organization StringId - External management account ID (Account ID in AWS).
- management
Account StringStack Id - Management account stack ID.
- management
Account StringStack Region - Management account stack region.
- onboarding
Configuration Map<String,String> - Onboarding configuration.
- organization
Name String - Organization name in CloudGuard.
- role
Arn String - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- secret String
- stack
Set StringArn - The created StackSet ARN.
- stack
Set List<String>Organizational Unit Ids - List of organization root ID or organizational unit (OU) IDs.
- stack
Set List<String>Regions - List of AWS regions the StackSet has stack instances deployed in.
- type String
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased. - update
Time String - last update time of the stackSet.
- user
Id Double - CloudGuard user ID.
- account
Id number - CloudGuard account ID.
- api
Key string - API key, needed only for 'UserBased' type.
- aws
Organization stringName - Organization name in CloudGuard.
- aws
Organization stringOnboarding Id - creation
Time string - Creation time of the organization.
- enable
Stack booleanModify - Boolean flag to enable stack modification. Default is false.
- external
Management stringAccount Id - external
Organization stringId - External management account ID (Account ID in AWS).
- management
Account stringStack Id - Management account stack ID.
- management
Account stringStack Region - Management account stack region.
- onboarding
Configuration {[key: string]: string} - Onboarding configuration.
- organization
Name string - Organization name in CloudGuard.
- role
Arn string - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- secret string
- stack
Set stringArn - The created StackSet ARN.
- stack
Set string[]Organizational Unit Ids - List of organization root ID or organizational unit (OU) IDs.
- stack
Set string[]Regions - List of AWS regions the StackSet has stack instances deployed in.
- type string
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased. - update
Time string - last update time of the stackSet.
- user
Id number - CloudGuard user ID.
- account_
id float - CloudGuard account ID.
- api_
key str - API key, needed only for 'UserBased' type.
- aws_
organization_ strname - Organization name in CloudGuard.
- aws_
organization_ stronboarding_ id - creation_
time str - Creation time of the organization.
- enable_
stack_ boolmodify - Boolean flag to enable stack modification. Default is false.
- external_
management_ straccount_ id - external_
organization_ strid - External management account ID (Account ID in AWS).
- management_
account_ strstack_ id - Management account stack ID.
- management_
account_ strstack_ region - Management account stack region.
- onboarding_
configuration Mapping[str, str] - Onboarding configuration.
- organization_
name str - Organization name in CloudGuard.
- role_
arn str - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- secret str
- stack_
set_ strarn - The created StackSet ARN.
- stack_
set_ Sequence[str]organizational_ unit_ ids - List of organization root ID or organizational unit (OU) IDs.
- stack_
set_ Sequence[str]regions - List of AWS regions the StackSet has stack instances deployed in.
- type str
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased. - update_
time str - last update time of the stackSet.
- user_
id float - CloudGuard user ID.
- account
Id Number - CloudGuard account ID.
- api
Key String - API key, needed only for 'UserBased' type.
- aws
Organization StringName - Organization name in CloudGuard.
- aws
Organization StringOnboarding Id - creation
Time String - Creation time of the organization.
- enable
Stack BooleanModify - Boolean flag to enable stack modification. Default is false.
- external
Management StringAccount Id - external
Organization StringId - External management account ID (Account ID in AWS).
- management
Account StringStack Id - Management account stack ID.
- management
Account StringStack Region - Management account stack region.
- onboarding
Configuration Map<String> - Onboarding configuration.
- organization
Name String - Organization name in CloudGuard.
- role
Arn String - CloudGuard role ARN from AWS.
secret- (Required) External ID from the management-stack API.
- secret String
- stack
Set StringArn - The created StackSet ARN.
- stack
Set List<String>Organizational Unit Ids - List of organization root ID or organizational unit (OU) IDs.
- stack
Set List<String>Regions - List of AWS regions the StackSet has stack instances deployed in.
- type String
- Credential type. Default is RoleBased. Can be:
UserBased,RoleBased. - update
Time String - last update time of the stackSet.
- user
Id Number - CloudGuard user ID.
Package Details
- Repository
- dome9 dome9/terraform-provider-dome9
- License
- Notes
- This Pulumi package is based on the
dome9Terraform Provider.