New Resource: aws_organizations_organization

aws/config.go

@@ -68,6 +68,7 @@ import (
 	"github.com/aws/aws-sdk-go/service/mediastore"
 	"github.com/aws/aws-sdk-go/service/mq"
 	"github.com/aws/aws-sdk-go/service/opsworks"
+	"github.com/aws/aws-sdk-go/service/organizations"
 	"github.com/aws/aws-sdk-go/service/rds"
 	"github.com/aws/aws-sdk-go/service/redshift"
 	"github.com/aws/aws-sdk-go/service/route53"
@@ -194,6 +195,7 @@ type AWSClient struct {
 	lightsailconn         *lightsail.Lightsail
 	mqconn                *mq.MQ
 	opsworksconn          *opsworks.OpsWorks
+	organizationsconn     *organizations.Organizations
 	glacierconn           *glacier.Glacier
 	guarddutyconn         *guardduty.GuardDuty
 	codebuildconn         *codebuild.CodeBuild
@@ -444,6 +446,7 @@ func (c *Config) Client() (interface{}, error) {
 	client.lightsailconn = lightsail.New(sess)
 	client.mqconn = mq.New(sess)
 	client.opsworksconn = opsworks.New(sess)
+	client.organizationsconn = organizations.New(sess)
 	client.r53conn = route53.New(r53Sess)
 	client.rdsconn = rds.New(awsRdsSess)
 	client.redshiftconn = redshift.New(sess)

aws/import_aws_organization_test.go

@@ -0,0 +1,28 @@
+package aws
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/resource"
+)
+
+func TestAccAWSOrganizationImportBasic(t *testing.T) {
+	resourceName := "aws_organization.test"
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSOrganizationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSOrganizationConfig(),
+			},
+
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}

aws/provider.go

@@ -454,6 +454,7 @@ func Provider() terraform.ResourceProvider {
 			"aws_opsworks_user_profile":                    resourceAwsOpsworksUserProfile(),
 			"aws_opsworks_permission":                      resourceAwsOpsworksPermission(),
 			"aws_opsworks_rds_db_instance":                 resourceAwsOpsworksRdsDbInstance(),
+			"aws_organization":                             resourceAwsOrganization(),
 			"aws_placement_group":                          resourceAwsPlacementGroup(),
 			"aws_proxy_protocol_policy":                    resourceAwsProxyProtocolPolicy(),
 			"aws_rds_cluster":                              resourceAwsRDSCluster(),

aws/resource_aws_organization.go

@@ -0,0 +1,109 @@
+package aws
+
+import (
+	"fmt"
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"github.com/aws/aws-sdk-go/service/organizations"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/helper/validation"
+	"log"
+)
+
+func resourceAwsOrganization() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceAwsOrganizationCreate,
+		Read:   resourceAwsOrganizationRead,
+		Update: resourceAwsOrganizationUpdate,
+		Delete: resourceAwsOrganizationDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"arn": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"master_account_arn": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"master_account_email": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"master_account_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"feature_set": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				Default:      "ALL",
+				ValidateFunc: validation.StringInSlice([]string{organizations.OrganizationFeatureSetAll, organizations.OrganizationFeatureSetConsolidatedBilling}, true),
+			},
+		},
+	}
+}
+
+func resourceAwsOrganizationCreate(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).organizationsconn
+
+	createOpts := &organizations.CreateOrganizationInput{
+		FeatureSet: aws.String(d.Get("feature_set").(string)),
+	}
+	log.Printf("[DEBUG] Creating Organization: %#v", createOpts)
+
+	resp, err := conn.CreateOrganization(createOpts)
+	if err != nil {
+		return fmt.Errorf("Error creating organization: %s", err)
+	}
+
+	org := resp.Organization
+	d.SetId(*org.Id)
+	log.Printf("[INFO] Organization ID: %s", d.Id())
+
+	return resourceAwsOrganizationUpdate(d, meta)
+}
+
+func resourceAwsOrganizationRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).organizationsconn
+
+	log.Printf("[INFO] Reading Organization: %s", d.Id())
+	org, err := conn.DescribeOrganization(&organizations.DescribeOrganizationInput{})
+	if err != nil {
+		if orgerr, ok := err.(awserr.Error); ok && orgerr.Code() == "AWSOrganizationsNotInUseException" {
+			log.Printf("[WARN] Organization does not exist, removing from state: %s", d.Id())
+			d.SetId("")
+			return nil
+		}
+		return err
+	}
+
+	d.Set("arn", org.Organization.Arn)
+	d.Set("feature_set", org.Organization.FeatureSet)
+	d.Set("master_account_arn", org.Organization.MasterAccountArn)
+	d.Set("master_account_email", org.Organization.MasterAccountEmail)
+	d.Set("master_account_id", org.Organization.MasterAccountId)
+	return nil
+}
+
+func resourceAwsOrganizationUpdate(d *schema.ResourceData, meta interface{}) error {
+	return resourceAwsOrganizationRead(d, meta)
+}
+
+func resourceAwsOrganizationDelete(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).organizationsconn
+
+	log.Printf("[INFO] Deleting Organization: %s", d.Id())
+
+	_, err := conn.DeleteOrganization(&organizations.DeleteOrganizationInput{})
+	if err != nil {
+		return fmt.Errorf("Error deleting Organization: %s", err)
+	}
+
+	d.SetId("")
+
+	return nil
+}

aws/resource_aws_organization_test.go

@@ -0,0 +1,122 @@
+package aws
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/service/organizations"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccAWSOrganization_basic(t *testing.T) {
+	var organization organizations.Organization
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSOrganizationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSOrganizationConfig(),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSOrganizationExists("aws_organization.test", &organization),
+					resource.TestCheckResourceAttr("aws_organization.test", "feature_set", organizations.OrganizationFeatureSetAll),
+					resource.TestCheckResourceAttrSet("aws_organization.test", "arn"),
+					resource.TestCheckResourceAttrSet("aws_organization.test", "master_account_arn"),
+					resource.TestCheckResourceAttrSet("aws_organization.test", "master_account_email"),
+					resource.TestCheckResourceAttrSet("aws_organization.test", "feature_set"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAWSOrganization_consolidatedBilling(t *testing.T) {
+	var organization organizations.Organization
+
+	feature_set := organizations.OrganizationFeatureSetConsolidatedBilling
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSOrganizationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSOrganizationConfigConsolidatedBilling(feature_set),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSOrganizationExists("aws_organization.test", &organization),
+					resource.TestCheckResourceAttr("aws_organization.test", "feature_set", feature_set),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckAWSOrganizationDestroy(s *terraform.State) error {
+	conn := testAccProvider.Meta().(*AWSClient).organizationsconn
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "aws_organization" {
+			continue
+		}
+
+		params := &organizations.DescribeOrganizationInput{}
+
+		resp, err := conn.DescribeOrganization(params)
+
+		if err != nil || resp == nil {
+			return nil
+		}
+
+		if resp.Organization != nil {
+			return fmt.Errorf("Bad: Organization still exists: %q", rs.Primary.ID)
+		}
+	}
+
+	return nil
+}
+
+func testAccCheckAWSOrganizationExists(n string, a *organizations.Organization) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not found: %s", n)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("Organization ID not set")
+		}
+
+		conn := testAccProvider.Meta().(*AWSClient).organizationsconn
+		params := &organizations.DescribeOrganizationInput{}
+
+		resp, err := conn.DescribeOrganization(params)
+
+		if err != nil || resp == nil {
+			return nil
+		}
+
+		if resp.Organization == nil {
+			return fmt.Errorf("Organization %q does not exist", rs.Primary.ID)
+		}
+
+		a = resp.Organization
+
+		return nil
+	}
+}
+
+func testAccAWSOrganizationConfig() string {
+	return fmt.Sprintf(`
+resource "aws_organization" "test" {}
+`)
+}
+
+func testAccAWSOrganizationConfigConsolidatedBilling(feature_set string) string {
+	return fmt.Sprintf(`
+resource "aws_organization" "test" {
+  feature_set = "%s"
+}
+`, feature_set)
+}

website/aws.erb

@@ -1359,6 +1359,16 @@
                     </ul>
                 </li>
 
+                <li<%= sidebar_current("docs-aws-resource-organization") %>>
+                    <a href="#">Organization Resources</a>
+                    <ul class="nav nav-visible">
+
+                        <li<%= sidebar_current("docs-aws-resource-organization") %>>
+                            <a href="/docs/providers/aws/r/organization.html">aws_organization</a>
+                        </li>
+                    </ul>
+                </li>
+
                 <li<%= sidebar_current("docs-aws-resource-(db|rds)") %>>
                     <a href="#">RDS Resources</a>
                     <ul class="nav nav-visible">

website/docs/r/organization.html.markdown

@@ -0,0 +1,33 @@
+---
+layout: "aws"
+page_title: "AWS: aws_organization
+sidebar_current: "docs-aws-resource-organization|"
+description: |-
+  Provides a resource to create an organization.
+---
+
+# aws\_organization
+
+Provides a resource to create an organization.
+
+## Example Usage:
+
+```hcl
+resource "aws_organization" "org" {
+  feature_set = "ALL"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `feature_set` - (Optional) Specify "ALL" (default) or "CONSOLIDATED_BILLING".
+
+## Import
+
+The AWS organization can be imported by using the `account_id`, e.g.
+
+```
+$ terraform import aws_organization.my_org 111111111111
+```