Terraform Notes
Working with Variables
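In this example, I am populating a dummy Service Control Policy (SCP) in my Org. As such, I need to provide a target ID, which is the root's ID.
main.tf

    provider "aws" {
      alias   = "master_east_2"
      version = "~> 2.0"
      region  = "us-east-2"
      # Placeholder keys. Real keys should not be written into the file; the
      # provider can also read them from the environment or a shared credentials file.
      access_key = "AAAAAAAAAAAAAAAAA"
      secret_key = "ffffffffffffffffffffffffffffffffff"
    }

    # Variable declared in the root configuration; the default is the org root's ID.
    variable "main_target_id" {
      type    = string
      default = "r-ppg1"
    }

    module "org_scp" {
      source = "./module"

      # Left side: the module's input variable. Right side: the value from main.tf.
      module_target_id = var.main_target_id

      providers = {
        aws = aws.master_east_2
      }
    }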
From main.tf, I feed in a variable called main_target_id with the value "r-ppg1"; this is the ID of the org root. The module uses a variable called "module_target_id", which we define in the module file in a variable block. The variable block is used to define the type and, if applicable, the default.
module/module_scp.tf

    # Dummy SCP: allows every action on every resource.
    resource "aws_organizations_policy" "example" {
      name = "example"

      content = <<CONTENT
    {
      "Version": "2012-10-17",
      "Statement": {
        "Effect": "Allow",
        "Action": "*",
        "Resource": "*"
      }
    }
    CONTENT
    }

    # Input variable of the module; its value is set by the caller in main.tf.
    variable "module_target_id" {
      type = string
    }

    # Attaches the policy to the target (here, the org root).
    resource "aws_organizations_policy_attachment" "root" {
      policy_id = aws_organizations_policy.example.id
      target_id = var.module_target_id
    }

The resource "aws_organizations_policy_attachment" expects two arguments, policy_id and target_id. These names are set by the resource, so we don't control them.
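
The same variable hand-off with two guards, as an added example that is not code from the original post: the module rejects a target ID that is not a root, OU or account ID before anything is attached, and the provider block carries no static keys. It assumes Terraform 0.13 or later (for `validation` blocks) and credentials supplied through the environment or a shared credentials profile; the ID patterns follow the formats documented for the AWS Organizations AttachPolicy API.

```hcl
# Added example, not the original post's code. Assumes Terraform 0.13+.

# --- module/module_scp.tf: replaces the variable block; the two resources stay as they are ---
variable "module_target_id" {
  type        = string
  description = "Root, OU or account ID the SCP is attached to."

  # Accepted ID formats:
  #   root     r-<4 to 32 lowercase letters or digits>
  #   OU       ou-<4 to 32>-<8 to 32 lowercase letters or digits>
  #   account  exactly 12 digits
  validation {
    condition = can(regex(
      "^(r-[0-9a-z]{4,32}|ou-[0-9a-z]{4,32}-[0-9a-z]{8,32}|[0-9]{12})$",
      var.module_target_id
    ))
    error_message = "The module_target_id value must be a root (r-...), OU (ou-...) or 12-digit account ID."
  }
}

# --- main.tf ---
provider "aws" {
  alias  = "master_east_2"
  region = "us-east-2"
  # No access_key / secret_key here: the provider reads AWS_ACCESS_KEY_ID and
  # AWS_SECRET_ACCESS_KEY from the environment, or uses a shared credentials profile.
}

variable "main_target_id" {
  type    = string
  default = "r-ppg1" # root ID from the post; passes the module's validation
}

module "org_scp" {
  source           = "./module"
  module_target_id = var.main_target_id

  providers = {
    aws = aws.master_east_2
  }
}
```

A value such as `root` or `R-PPG1` now fails at plan time with the module's error message instead of reaching the AWS API.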