Hi!
Still getting used to Terraform, so maybe a rookie mistake. I'm trying to create an AWS landing zone, using AWS Organizations.
I'm stuck on creating the accounts and putting them in the correct OUs. It worked when doing it with repeated code, but I want to do it with a for_each loop since it would do the same thing over and over.
```hcl
locals {
  account_settings = {
    "Logging"    = { name = "logging", ou = "Security", email = "aws+logging@domain.com" },
    "Shared"     = { name = "shared-resources", ou = "Shared", email = "aws+shared@domain.com" },
    "Production" = { name = "production", ou = "Production", email = "aws+production@domain.com" }
  }
}

resource "aws_organizations_organization" "my_org" {
  aws_service_access_principals = [
    "cloudtrail.amazonaws.com",
    "sso.amazonaws.com",
  ]
  feature_set = "ALL"
}

resource "aws_organizations_organizational_unit" "OUs" {
  for_each  = local.account_settings
  name      = each.value.ou
  parent_id = aws_organizations_organization.my_org.roots[0].id
}

resource "aws_organizations_account" "Accounts" {
  for_each  = local.account_settings
  name      = "${var.organizationName}-${each.value.name}"
  email     = each.value.email
  parent_id = aws_organizations_organizational_unit.OUs[each.value.ou].id
}
```
This should create three accounts in three different OUs.
But terraform plan gives me this error:
```
  on organizations.tf line 48, in resource "aws_organizations_account" "Accounts":
  48:   parent_id = aws_organizations_organizational_unit.OUs[each.value.ou].id
    |----------------
    | aws_organizations_organizational_unit.OUs is object with 3 attributes
    | each.value.ou is "Security"

The given key does not identify an element in this collection value.
```
It seems to resolve “each.value.ou” correctly, but “Security” is not a valid element in the collection?
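
Added example, not part of the original post: resources created with for_each are addressed by the keys of the collection they iterate over, so the OUs above are keyed "Logging", "Shared" and "Production", and `OUs["Security"]` does not exist. One way to make the lookup match is to key the OUs by their distinct OU names; `ou_names` is a local introduced for this example, and the `organizationName` variable declaration is assumed from the post's use of `var.organizationName`.

```hcl
# Added example: key the OU resources by OU name so accounts can look them up by each.value.ou.
variable "organizationName" {
  type = string # assumed declaration; the post only shows var.organizationName in use
}

locals {
  account_settings = {
    "Logging"    = { name = "logging", ou = "Security", email = "aws+logging@domain.com" }
    "Shared"     = { name = "shared-resources", ou = "Shared", email = "aws+shared@domain.com" }
    "Production" = { name = "production", ou = "Production", email = "aws+production@domain.com" }
  }

  # Distinct OU names. If two accounts share an OU, the OU is still created once,
  # and every account in it ends up under the same parent.
  ou_names = toset([for a in values(local.account_settings) : a.ou])
}

resource "aws_organizations_organization" "my_org" {
  aws_service_access_principals = [
    "cloudtrail.amazonaws.com",
    "sso.amazonaws.com",
  ]
  feature_set = "ALL"
}

resource "aws_organizations_organizational_unit" "OUs" {
  for_each  = local.ou_names # instance keys: "Production", "Security", "Shared"
  name      = each.key
  parent_id = aws_organizations_organization.my_org.roots[0].id
}

resource "aws_organizations_account" "Accounts" {
  for_each  = local.account_settings # instance keys: "Logging", "Shared", "Production"
  name      = "${var.organizationName}-${each.value.name}"
  email     = each.value.email
  # The index is now an OU name, which is what the OU instances are keyed by.
  parent_id = aws_organizations_organizational_unit.OUs[each.value.ou].id
}
```

Keeping the original OU resource and indexing with `OUs[each.key]` also resolves the error, but only while every account has its own OU.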