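Creates a resource-based delegation policy in AWS Organizations to delegate policy management to a specified member account. As written, the example statement grants that account only read-only Describe and List actions on all resources; it contains no actions that create, modify, attach or delete policies.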

Terraform Template

# Attaches a resource-based delegation policy to the AWS organization. The
# policy document is the JSON text passed as `content`. Organizations resource
# policies are managed from the organization's management account, so this
# resource is expected to be applied with management-account credentials.
#
# What the single statement grants:
#   - Principal: the account root ARN of 123456789012 (an example account ID;
#     substitute the member account being delegated to). An account-root
#     principal trusts the account as a whole. Which users and roles inside it
#     can actually call these actions is decided by that account's own IAM
#     policies, so keep those scoped to the intended administrators.
#   - Action: only organizations:Describe* and organizations:List* calls, i.e.
#     read-only access. No action that creates, updates, attaches, detaches or
#     deletes a policy is listed.
#   - Resource "*" and no Condition block: the read access is not narrowed to
#     particular OUs, accounts or policy types.
#
# NOTE(review): if write actions are added to this policy later, put them in a
# separate statement restricted by Resource ARNs and a Condition instead of
# reusing "Resource": "*".
resource "aws_organizations_resource_policy" "example" {
  # JSON has no comment syntax, so the policy is documented above rather than
  # inline. The heredoc is passed to the provider as written.
  content = <<-EOF
    {
     "Version": "2012-10-17",
     "Statement": [
     {
     "Sid": "DelegatingNecessaryDescribeListActions",
     "Effect": "Allow",
     "Principal": {
     "AWS": "arn:aws:iam::123456789012:root"
     },
     "Action": [
     "organizations:DescribeOrganization",
     "organizations:DescribeOrganizationalUnit",
     "organizations:DescribeAccount",
     "organizations:DescribePolicy",
     "organizations:DescribeEffectivePolicy",
     "organizations:ListRoots",
     "organizations:ListOrganizationalUnitsForParent",
     "organizations:ListParents",
     "organizations:ListChildren",
     "organizations:ListAccounts",
     "organizations:ListAccountsForParent",
     "organizations:ListPolicies",
     "organizations:ListPoliciesForTarget",
     "organizations:ListTargetsForPolicy",
     "organizations:ListTagsForResource"
     ],
     "Resource": "*"
     }
     ]
    }
    
  EOF
}