feat: adds submodule to create organizations policy

nimisha-gj · nimisha-gj · commit 2512bd2b3a31 · 2024-07-08T15:58:41.000+05:30
diff --git a/modules/policy/.header.md b/modules/policy/.header.md
@@ -0,0 +1,3 @@
+# Terraform AWS Organizations Policy Module
+
+A Terraform module for creating and managing AWS Organizations Policy.
diff --git a/modules/policy/README.md b/modules/policy/README.md
@@ -0,0 +1,45 @@
+# Terraform AWS Organizations Policy Module
+
+A Terraform module for creating and managing AWS Organizations Policy.
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.4.6 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.65.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.65.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_organizations_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/organizations_policy) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_content"></a> [content](#input\_content) | (Required) The policy content to add to the new policy. | `any` | n/a | yes |
+| <a name="input_description"></a> [description](#input\_description) | (Optional) A description to assign to the policy. | `string` | `null` | no |
+| <a name="input_name"></a> [name](#input\_name) | (Required) The friendly name to assign to the policy. | `string` | n/a | yes |
+| <a name="input_skip_destroy"></a> [skip\_destroy](#input\_skip\_destroy) | (Optional) If set to true, destroy will not delete the policy and instead just remove the resource from state. | `bool` | `false` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) Key-value map of resource tags. | `map(string)` | `{}` | no |
+| <a name="input_type"></a> [type](#input\_type) | (Optional) The type of policy to create. | `string` | `"SERVICE_CONTROL_POLICY"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_aws_organizations_policy_arn"></a> [aws\_organizations\_policy\_arn](#output\_aws\_organizations\_policy\_arn) | Amazon Resource Name (ARN) of the policy. |
+| <a name="output_aws_organizations_policy_id"></a> [aws\_organizations\_policy\_id](#output\_aws\_organizations\_policy\_id) | The unique identifier (ID) of the policy. |
+| <a name="output_aws_organizations_policy_tags_all"></a> [aws\_organizations\_policy\_tags\_all](#output\_aws\_organizations\_policy\_tags\_all) | A map of tags assigned to the resource, including those inherited from the provider default\_tags configuration block. |
diff --git a/modules/policy/main.tf b/modules/policy/main.tf
@@ -0,0 +1,8 @@
+resource "aws_organizations_policy" "this" {
+  content      = var.content
+  name         = var.name
+  description  = var.description
+  skip_destroy = var.skip_destroy
+  type         = var.type
+  tags         = var.tags
+}
diff --git a/modules/policy/outputs.tf b/modules/policy/outputs.tf
@@ -0,0 +1,14 @@
+output "aws_organizations_policy_id" {
+  description = "The unique identifier (ID) of the policy."
+  value       = aws_organizations_policy.this.id
+}
+
+output "aws_organizations_policy_arn" {
+  description = "Amazon Resource Name (ARN) of the policy."
+  value       = aws_organizations_policy.this.arn
+}
+
+output "aws_organizations_policy_tags_all" {
+  description = "A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block."
+  value       = aws_organizations_policy.this.tags_all
+}
diff --git a/modules/policy/variables.tf b/modules/policy/variables.tf
@@ -0,0 +1,38 @@
+variable "content" {
+  description = "(Required) The policy content to add to the new policy."
+  type        = any
+}
+
+variable "name" {
+  description = "(Required) The friendly name to assign to the policy."
+  type        = string
+}
+
+variable "description" {
+  description = "(Optional) A description to assign to the policy."
+  type        = string
+  default     = null
+}
+
+variable "skip_destroy" {
+  description = "(Optional) If set to true, destroy will not delete the policy and instead just remove the resource from state."
+  type        = bool
+  default     = false
+}
+
+variable "type" {
+  description = "(Optional) The type of policy to create."
+  type        = string
+  default     = "SERVICE_CONTROL_POLICY"
+
+  validation {
+    condition     = contains(["AISERVICES_OPT_OUT_POLICY", "BACKUP_POLICY", "SERVICE_CONTROL_POLICY", "TAG_POLICY"], var.type)
+    error_message = "The 'type' variable must be one of: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY."
+  }
+}
+
+variable "tags" {
+  description = "(Optional) Key-value map of resource tags."
+  type        = map(string)
+  default     = {}
+}
diff --git a/modules/policy/versions.tf b/modules/policy/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.4.6"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.65.0"
+    }
+  }
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+# Terraform AWS Organizations Policy Module`
	`2`	`+`
	`3`	`+A Terraform module for creating and managing AWS Organizations Policy.`