Fork me on GitHub

Module organizations

@pulumi/aws > organizations

Index

organizations/account.ts organizations/organization.ts organizations/policy.ts organizations/policyAttachment.ts

class Account

Provides a resource to create a member account in the current organization.

~> Note: Account management must be done from the organization’s master account.

!> WARNING: Deleting this Terraform resource will only remove an AWS account from an organization. Terraform will not close the account. The member account must be prepared to be a standalone account beforehand. See the AWS Organizations documentation for more information.

constructor

new Account(name: string, args: AccountArgs, opts?: pulumi.CustomResourceOptions)

Create a Account resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AccountState): Account

Get an existing Account resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

The ARN for this account.

property email

public email: pulumi.Output<string>;

The email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.

property iamUserAccessToBilling

public iamUserAccessToBilling: pulumi.Output<string | undefined>;

If set to ALLOW, the new account enables IAM users to access account billing information if they have the required permissions. If set to DENY, then only the root user of the new account can access account billing information.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property joinedMethod

public joinedMethod: pulumi.Output<string>;

property joinedTimestamp

public joinedTimestamp: pulumi.Output<string>;

property name

public name: pulumi.Output<string>;

A friendly name for the member account.

property roleName

public roleName: pulumi.Output<string | undefined>;

The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the master account, allowing users in the master account to assume the role, as permitted by the master account administrator. The role has administrator permissions in the new member account.

property status

public status: pulumi.Output<string>;

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class Organization

Provides a resource to create an organization.

constructor

new Organization(name: string, args?: OrganizationArgs, opts?: pulumi.CustomResourceOptions)

Create a Organization resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: OrganizationState): Organization

Get an existing Organization resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

ARN of the organization

property featureSet

public featureSet: pulumi.Output<string | undefined>;

Specify “ALL” (default) or “CONSOLIDATED_BILLING”.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property masterAccountArn

public masterAccountArn: pulumi.Output<string>;

ARN of the master account

property masterAccountEmail

public masterAccountEmail: pulumi.Output<string>;

Email address of the master account

property masterAccountId

public masterAccountId: pulumi.Output<string>;

Identifier of the master account

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class Policy

Provides a resource to manage an AWS Organizations policy.

constructor

new Policy(name: string, args: PolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a Policy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PolicyState): Policy

Get an existing Policy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

Amazon Resource Name (ARN) of the policy.

property content

public content: pulumi.Output<string>;

The policy content to add to the new policy. For example, if you create a service control policy (SCP), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the Service Control Policy Syntax documentation.

property description

public description: pulumi.Output<string | undefined>;

A description to assign to the policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The friendly name to assign to the policy.

property type

public type: pulumi.Output<string | undefined>;

The type of policy to create. Currently, the only valid value is SERVICE_CONTROL_POLICY (SCP).

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class PolicyAttachment

Provides a resource to attach an AWS Organizations policy to an organization account, root, or unit.

constructor

new PolicyAttachment(name: string, args: PolicyAttachmentArgs, opts?: pulumi.CustomResourceOptions)

Create a PolicyAttachment resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PolicyAttachmentState): PolicyAttachment

Get an existing PolicyAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property policyId

public policyId: pulumi.Output<string>;

The unique identifier (ID) of the policy that you want to attach to the target.

property targetId

public targetId: pulumi.Output<string>;

The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

interface AccountArgs

The set of arguments for constructing a Account resource.

property email

email: pulumi.Input<string>;

The email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.

property iamUserAccessToBilling

iamUserAccessToBilling?: pulumi.Input<string>;

If set to ALLOW, the new account enables IAM users to access account billing information if they have the required permissions. If set to DENY, then only the root user of the new account can access account billing information.

property name

name?: pulumi.Input<string>;

A friendly name for the member account.

property roleName

roleName?: pulumi.Input<string>;

The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the master account, allowing users in the master account to assume the role, as permitted by the master account administrator. The role has administrator permissions in the new member account.

interface AccountState

Input properties used for looking up and filtering Account resources.

property arn

arn?: pulumi.Input<string>;

The ARN for this account.

property email

email?: pulumi.Input<string>;

The email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.

property iamUserAccessToBilling

iamUserAccessToBilling?: pulumi.Input<string>;

If set to ALLOW, the new account enables IAM users to access account billing information if they have the required permissions. If set to DENY, then only the root user of the new account can access account billing information.

property joinedMethod

joinedMethod?: pulumi.Input<string>;

property joinedTimestamp

joinedTimestamp?: pulumi.Input<string>;

property name

name?: pulumi.Input<string>;

A friendly name for the member account.

property roleName

roleName?: pulumi.Input<string>;

The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the master account, allowing users in the master account to assume the role, as permitted by the master account administrator. The role has administrator permissions in the new member account.

property status

status?: pulumi.Input<string>;

interface OrganizationArgs

The set of arguments for constructing a Organization resource.

property featureSet

featureSet?: pulumi.Input<string>;

Specify “ALL” (default) or “CONSOLIDATED_BILLING”.

interface OrganizationState

Input properties used for looking up and filtering Organization resources.

property arn

arn?: pulumi.Input<string>;

ARN of the organization

property featureSet

featureSet?: pulumi.Input<string>;

Specify “ALL” (default) or “CONSOLIDATED_BILLING”.

property masterAccountArn

masterAccountArn?: pulumi.Input<string>;

ARN of the master account

property masterAccountEmail

masterAccountEmail?: pulumi.Input<string>;

Email address of the master account

property masterAccountId

masterAccountId?: pulumi.Input<string>;

Identifier of the master account

interface PolicyArgs

The set of arguments for constructing a Policy resource.

property content

content: pulumi.Input<string>;

The policy content to add to the new policy. For example, if you create a service control policy (SCP), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the Service Control Policy Syntax documentation.

property description

description?: pulumi.Input<string>;

A description to assign to the policy.

property name

name?: pulumi.Input<string>;

The friendly name to assign to the policy.

property type

type?: pulumi.Input<string>;

The type of policy to create. Currently, the only valid value is SERVICE_CONTROL_POLICY (SCP).

interface PolicyAttachmentArgs

The set of arguments for constructing a PolicyAttachment resource.

property policyId

policyId: pulumi.Input<string>;

The unique identifier (ID) of the policy that you want to attach to the target.

property targetId

targetId: pulumi.Input<string>;

The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.

interface PolicyAttachmentState

Input properties used for looking up and filtering PolicyAttachment resources.

property policyId

policyId?: pulumi.Input<string>;

The unique identifier (ID) of the policy that you want to attach to the target.

property targetId

targetId?: pulumi.Input<string>;

The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.

interface PolicyState

Input properties used for looking up and filtering Policy resources.

property arn

arn?: pulumi.Input<string>;

Amazon Resource Name (ARN) of the policy.

property content

content?: pulumi.Input<string>;

The policy content to add to the new policy. For example, if you create a service control policy (SCP), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the Service Control Policy Syntax documentation.

property description

description?: pulumi.Input<string>;

A description to assign to the policy.

property name

name?: pulumi.Input<string>;

The friendly name to assign to the policy.

property type

type?: pulumi.Input<string>;

The type of policy to create. Currently, the only valid value is SERVICE_CONTROL_POLICY (SCP).