A Terraform module which configures your AWS Organization and creates AWS accounts. Read this page for more information, and for a secure reference architecture by AWS, read this page.
```hcl
# Usage example wiring the four sub-modules together.
# Note: `version = "~> 3"` is only valid with a registry source; Terraform
# rejects a version constraint on a local path, so it is omitted here.

module "organization" {
  source = "../modules/organization"

  aws_service_access_principals = [
    "access-analyzer.amazonaws.com",
    "account.amazonaws.com",
    "cloudtrail.amazonaws.com",
    "member.org.stacksets.cloudformation.amazonaws.com",
    "sso.amazonaws.com"
  ]
  enabled_policy_types = ["BACKUP_POLICY", "SERVICE_CONTROL_POLICY", "TAG_POLICY"]
  feature_set          = "ALL"

  primary_contact = {
    address_line_1  = "123 Main St"
    city            = "Anytown"
    country_code    = "US"
    full_name       = "John Doe"
    phone_number    = "+1-555-555-5555"
    postal_code     = "12345"
    state_or_region = "WA"
  }
  # phone_number is listed as required for every alternate contact.
  billing_contact = {
    name          = "Jane Doe"
    title         = "Billing"
    email_address = "billing@example.com"
    phone_number  = "+1-555-555-5555"
  }
  operations_contact = {
    name          = "Jane Doe"
    title         = "Operations"
    email_address = "ops@example.com"
    phone_number  = "+1-555-555-5555"
  }
  security_contact = {
    name          = "Jane Doe"
    title         = "Security"
    email_address = "security@example.com"
    phone_number  = "+1-555-555-5555"
  }
}

module "organization_units" {
  source = "../modules/organization-units"

  # Input name as listed in the module's inputs table.
  organization_units = {
    "Development" = {
      parent_id = module.organization.organization_root_id
    }
    "Operations" = {
      parent_id = module.organization.organization_root_id
    }
    "Security" = {
      parent_id = module.organization.organization_root_id
    }
  }
}

module "accounts" {
  source = "../modules/accounts"

  # Module outputs are referenced directly; `dependency.*` is Terragrunt syntax.
  contacts = module.organization.contacts
  accounts = {
    keys = {
      email                            = "keys@example.com"
      delegated_administrator_services = []
      # Assumes the `ous` output is keyed by the OU names defined above.
      parent_id = module.organization_units.ous["Security"].id
    }
    logs = {
      email                            = "logs@example.com"
      delegated_administrator_services = []
      parent_id                        = module.organization_units.ous["Security"].id
    }
  }
}

module "org_policies" {
  source = "../modules/org-policies"

  organizations_policies = {
    "BackupPolicy" = {
      description = "Backup policy"
      policy      = file("${path.module}/policies/backup_policy.json")
      target_id   = module.organization.organization_root_id
      type        = "BACKUP_POLICY"
    }
    "ServiceControlPolicy" = {
      description = "Service control policy"
      policy      = file("${path.module}/policies/service_control_policy.json")
      target_id   = module.organization.organization_root_id
      type        = "SERVICE_CONTROL_POLICY"
    }
    "TagPolicy" = {
      description = "Tag policy"
      policy      = file("${path.module}/policies/tag_policy.json")
      target_id   = module.organization.organization_root_id
      type        = "TAG_POLICY"
    }
  }
  # `tags` is listed as a required input.
  tags = {}
}
```
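
The `org_policies` block above loads `policies/service_control_policy.json`, which the page does not show. As an added example (not from the module's repository), the same input can take an inline SCP built with `jsonencode`; the statement contents, Sids and description below are assumptions chosen for illustration, and `tags = {}` is passed because the module's inputs list `tags` as required.

```hcl
# Added example: baseline guardrail SCP attached at the organization root.
# Statement contents are illustrative assumptions, not the module's defaults.
locals {
  guardrail_scp = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        # Stops a member account from detaching itself from the organization.
        Sid      = "DenyLeavingOrganization"
        Effect   = "Deny"
        Action   = ["organizations:LeaveOrganization"]
        Resource = "*"
      },
      {
        # Keeps audit logging intact in every member account.
        Sid    = "ProtectCloudTrail"
        Effect = "Deny"
        Action = [
          "cloudtrail:StopLogging",
          "cloudtrail:DeleteTrail",
          "cloudtrail:UpdateTrail",
        ]
        Resource = "*"
      },
    ]
  })
}

module "org_policies" {
  source = "../modules/org-policies"

  organizations_policies = {
    "ServiceControlPolicy" = {
      description = "Baseline guardrails"
      policy      = local.guardrail_scp
      target_id   = module.organization.organization_root_id
      type        = "SERVICE_CONTROL_POLICY"
    }
  }
  tags = {}
}
```

SCPs never restrict the management account, so an organization trail managed there stays editable while member accounts are blocked. Attaching a new deny statement to a single OU first, then moving it to the root, limits the impact of a mistake.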
Module `accounts` (`../modules/accounts`)

Requirements:

Name | Version |
---|---|
terraform | >= 1 |
aws | ~> 5 |

Providers:

Name | Version |
---|---|
aws | 5.49.0 |

Resources:

Name | Type |
---|---|
aws_account_alternate_contact.billing | resource |
aws_account_alternate_contact.operations | resource |
aws_account_alternate_contact.security | resource |
aws_account_primary_contact.default | resource |
aws_organizations_account.default | resource |
aws_organizations_delegated_administrator.default | resource |

Inputs:

Name | Description | Type | Default | Required |
---|---|---|---|---|
accounts | List of AWS accounts to create | map(object({ | n/a | yes |
contacts | Primary and alternate contacts for the accounts | object({ | n/a | yes |

Outputs:

Name | Description |
---|---|
accounts | The accounts created |
We are Blackbird Cloud, an Amsterdam-based cloud consultancy and cloud management service provider. We help companies build secure, cost-efficient, and scalable solutions.
Check out our other Terraform modules
Copyright © 2017-2023 Blackbird Cloud
Module `organization` (`../modules/organization`)

Requirements:

Name | Version |
---|---|
terraform | >= 1 |
aws | ~> 5 |

Providers:

Name | Version |
---|---|
aws | 5.49.0 |

Resources:

Name | Type |
---|---|
aws_account_alternate_contact.root_billing | resource |
aws_account_alternate_contact.root_operations | resource |
aws_account_alternate_contact.root_security | resource |
aws_account_primary_contact.root | resource |
aws_organizations_organization.default | resource |

Inputs:

Name | Description | Type | Default | Required |
---|---|---|---|---|
aws_service_access_principals | (Optional) List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have feature_set set to ALL. Some services do not support enablement via this endpoint, see warning in aws docs. https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services_list.html | list(string) | n/a | yes |
billing_contact | email_address - (Required) An email address for the alternate contact. name - (Required) Name of the alternate contact. phone_number - (Required) Phone number for the alternate contact. title - (Required) Title for the alternate contact. | any | n/a | yes |
enabled_policy_types | (Optional) List of Organizations policy types to enable in the Organization Root. Organization must have feature_set set to ALL. For additional information about valid policy types (e.g., AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, and TAG_POLICY), see the AWS Organizations API Reference. | list(string) | [] | no |
feature_set | (Optional) Specify "ALL" (default) or "CONSOLIDATED_BILLING". | string | n/a | yes |
operations_contact | email_address - (Required) An email address for the alternate contact. name - (Required) Name of the alternate contact. phone_number - (Required) Phone number for the alternate contact. title - (Required) Title for the alternate contact. | any | n/a | yes |
primary_contact | address_line_1 - (Required) The first line of the primary contact address. address_line_2 - (Optional) The second line of the primary contact address, if any. address_line_3 - (Optional) The third line of the primary contact address, if any. city - (Required) The city of the primary contact address. company_name - (Optional) The name of the company associated with the primary contact information, if any. country_code - (Required) The ISO-3166 two-letter country code for the primary contact address. district_or_county - (Optional) The district or county of the primary contact address, if any. full_name - (Required) The full name of the primary contact address. phone_number - (Required) The phone number of the primary contact information. The number will be validated and, in some countries, checked for activation. postal_code - (Required) The postal code of the primary contact address. state_or_region - (Optional) The state or region of the primary contact address. This field is required in selected countries. website_url - (Optional) The URL of the website associated with the primary contact information, if any. | any | n/a | yes |
security_contact | email_address - (Required) An email address for the alternate contact. name - (Required) Name of the alternate contact. phone_number - (Required) Phone number for the alternate contact. title - (Required) Title for the alternate contact. | any | n/a | yes |

Outputs:

Name | Description |
---|---|
contacts | The contacts for the organization |
organization_root_id | The ID of the organization root |
Module `org-policies` (`../modules/org-policies`)

Requirements:

Name | Version |
---|---|
terraform | >= 1 |
aws | ~> 5 |

Providers:

Name | Version |
---|---|
aws | 5.49.0 |

Resources:

Name | Type |
---|---|
aws_organizations_policy.default | resource |
aws_organizations_policy_attachment.default | resource |

Inputs:

Name | Description | Type | Default | Required |
---|---|---|---|---|
organizations_policies | A map of policies to attach to the organization | map(object({ | n/a | yes |
tags | A map of tags to add to the resources | map(string) | n/a | yes |

Outputs:

Name | Description |
---|---|
policies | The policies for the organization |
Module `organization-units` (`../modules/organization-units`)

Requirements:

Name | Version |
---|---|
terraform | >= 1 |
aws | ~> 5 |

Providers:

Name | Version |
---|---|
aws | 5.49.0 |

Resources:

Name | Type |
---|---|
aws_organizations_organizational_unit.default | resource |

Inputs:

Name | Description | Type | Default | Required |
---|---|---|---|---|
organization_units | List of organizational units to create | map(object( | n/a | yes |

Outputs:

Name | Description |
---|---|
ous | The organizational units for the organization |