Docs
PackagesAWS Native is in preview. AWS Classic is fully supported.
aws-native.organizations.Policy
Explore with Pulumi AI
AWS Native is in preview. AWS Classic is fully supported.
Policies in AWS Organizations enable you to manage different features of the AWS accounts in your organization. You can use policies when all features are enabled in your organization.
Create Policy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Policy(name: string, args: PolicyArgs, opts?: CustomResourceOptions);@overload
def Policy(resource_name: str,
args: PolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Policy(resource_name: str,
opts: Optional[ResourceOptions] = None,
content: Optional[Any] = None,
type: Optional[PolicyType] = None,
description: Optional[str] = None,
name: Optional[str] = None,
tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
target_ids: Optional[Sequence[str]] = None)func NewPolicy(ctx *Context, name string, args PolicyArgs, opts ...ResourceOption) (*Policy, error)public Policy(string name, PolicyArgs args, CustomResourceOptions? opts = null)
public Policy(String name, PolicyArgs args)
public Policy(String name, PolicyArgs args, CustomResourceOptions options)
type: aws-native:organizations:Policy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Policy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Policy resource accepts the following input properties:
- Content object
The Policy text content. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it.
Search the CloudFormation User Guide for
AWS::Organizations::Policyfor more information about the expected schema for this property.- Type
Pulumi.
Aws Native. Organizations. Policy Type - The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY
- Description string
- Human readable description of the policy
- Name string
- Name of the Policy
-
List<Pulumi.
Aws Native. Inputs. Tag> - A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null.
- Target
Ids List<string> - List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to
- Content interface{}
The Policy text content. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it.
Search the CloudFormation User Guide for
AWS::Organizations::Policyfor more information about the expected schema for this property.- Type
Policy
Type - The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY
- Description string
- Human readable description of the policy
- Name string
- Name of the Policy
-
Tag
Args - A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null.
- Target
Ids []string - List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to
- content Object
The Policy text content. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it.
Search the CloudFormation User Guide for
AWS::Organizations::Policyfor more information about the expected schema for this property.- type
Policy
Type - The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY
- description String
- Human readable description of the policy
- name String
- Name of the Policy
- List<Tag>
- A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null.
- target
Ids List<String> - List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to
- content any
The Policy text content. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it.
Search the CloudFormation User Guide for
AWS::Organizations::Policyfor more information about the expected schema for this property.- type
Policy
Type - The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY
- description string
- Human readable description of the policy
- name string
- Name of the Policy
- Tag[]
- A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null.
- target
Ids string[] - List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to
- content Any
The Policy text content. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it.
Search the CloudFormation User Guide for
AWS::Organizations::Policyfor more information about the expected schema for this property.- type
Policy
Type - The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY
- description str
- Human readable description of the policy
- name str
- Name of the Policy
-
Sequence[Tag
Args] - A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null.
- target_
ids Sequence[str] - List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to
- content Any
The Policy text content. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it.
Search the CloudFormation User Guide for
AWS::Organizations::Policyfor more information about the expected schema for this property.- type "SERVICE_CONTROL_POLICY" | "AISERVICES_OPT_OUT_POLICY" | "BACKUP_POLICY" | "TAG_POLICY"
- The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY
- description String
- Human readable description of the policy
- name String
- Name of the Policy
- List<Property Map>
- A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null.
- target
Ids List<String> - List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to
Outputs
All input properties are implicitly available as output properties. Additionally, the Policy resource produces the following output properties:
- Arn string
- ARN of the Policy
- Aws
Id string - Id of the Policy
- Aws
Managed bool - A boolean value that indicates whether the specified policy is an AWS managed policy. If true, then you can attach the policy to roots, OUs, or accounts, but you cannot edit it.
- Id string
- The provider-assigned unique ID for this managed resource.
- Arn string
- ARN of the Policy
- Aws
Id string - Id of the Policy
- Aws
Managed bool - A boolean value that indicates whether the specified policy is an AWS managed policy. If true, then you can attach the policy to roots, OUs, or accounts, but you cannot edit it.
- Id string
- The provider-assigned unique ID for this managed resource.
- arn String
- ARN of the Policy
- aws
Id String - Id of the Policy
- aws
Managed Boolean - A boolean value that indicates whether the specified policy is an AWS managed policy. If true, then you can attach the policy to roots, OUs, or accounts, but you cannot edit it.
- id String
- The provider-assigned unique ID for this managed resource.
- arn string
- ARN of the Policy
- aws
Id string - Id of the Policy
- aws
Managed boolean - A boolean value that indicates whether the specified policy is an AWS managed policy. If true, then you can attach the policy to roots, OUs, or accounts, but you cannot edit it.
- id string
- The provider-assigned unique ID for this managed resource.
- arn str
- ARN of the Policy
- aws_
id str - Id of the Policy
- aws_
managed bool - A boolean value that indicates whether the specified policy is an AWS managed policy. If true, then you can attach the policy to roots, OUs, or accounts, but you cannot edit it.
- id str
- The provider-assigned unique ID for this managed resource.
- arn String
- ARN of the Policy
- aws
Id String - Id of the Policy
- aws
Managed Boolean - A boolean value that indicates whether the specified policy is an AWS managed policy. If true, then you can attach the policy to roots, OUs, or accounts, but you cannot edit it.
- id String
- The provider-assigned unique ID for this managed resource.
Supporting Types
PolicyType, PolicyTypeArgs
- Service
Control Policy - SERVICE_CONTROL_POLICY
- Aiservices
Opt Out Policy - AISERVICES_OPT_OUT_POLICY
- Backup
Policy - BACKUP_POLICY
- Tag
Policy - TAG_POLICY
- Policy
Type Service Control Policy - SERVICE_CONTROL_POLICY
- Policy
Type Aiservices Opt Out Policy - AISERVICES_OPT_OUT_POLICY
- Policy
Type Backup Policy - BACKUP_POLICY
- Policy
Type Tag Policy - TAG_POLICY
- Service
Control Policy - SERVICE_CONTROL_POLICY
- Aiservices
Opt Out Policy - AISERVICES_OPT_OUT_POLICY
- Backup
Policy - BACKUP_POLICY
- Tag
Policy - TAG_POLICY
- Service
Control Policy - SERVICE_CONTROL_POLICY
- Aiservices
Opt Out Policy - AISERVICES_OPT_OUT_POLICY
- Backup
Policy - BACKUP_POLICY
- Tag
Policy - TAG_POLICY
- SERVICE_CONTROL_POLICY
- SERVICE_CONTROL_POLICY
- AISERVICES_OPT_OUT_POLICY
- AISERVICES_OPT_OUT_POLICY
- BACKUP_POLICY
- BACKUP_POLICY
- TAG_POLICY
- TAG_POLICY
- "SERVICE_CONTROL_POLICY"
- SERVICE_CONTROL_POLICY
- "AISERVICES_OPT_OUT_POLICY"
- AISERVICES_OPT_OUT_POLICY
- "BACKUP_POLICY"
- BACKUP_POLICY
- "TAG_POLICY"
- TAG_POLICY
Tag, TagArgs
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
AWS Native is in preview. AWS Classic is fully supported.