Output OU names and IDs

Author: snemetz

README.md

@@ -31,6 +31,12 @@ module "organizational-units" {
 | aws\_region | AWS region | string | `us-east-1` | no |
 | ou\_list | List of organizational unit to manage. These will be top level under root | string | - | yes |
 
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| organizational\_units | Organizational units |
+
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM GRAPH HOOK -->
 

examples/basic/README.md

@@ -23,4 +23,10 @@ terraform apply
 | aws\_region | AWS region | string | `us-east-1` | no |
 | ou\_list | List of organizational unit to manage. These will be top level under root | string | - | yes |
 
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| organizational\_units | Organizational units |
+
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

examples/basic/outputs.tf

@@ -0,0 +1,7 @@
+# External has results but no idea about plan/apply
+# Null understands plan/apply but has no output
+
+output "organizational_units" {
+  description = "Organizational units"
+  value       = "${module.example.organizational_units}"
+}

main.tf

@@ -19,3 +19,11 @@ resource "null_resource" "organizational_units" {
     command = "echo '${jsonencode(map("aws_profile", var.aws_profile, "ou_list", var.ou_list))}' | bash -c ${path.module}/scripts/ou.sh"
   }
 }
+
+data "external" "organizational_units" {
+  program = ["bash", "${path.module}/scripts/get_ous.sh"]
+
+  query = {
+    aws_profile = "${var.aws_profile}"
+  }
+}

outputs.tf

@@ -1 +1,7 @@
+# External has results but no idea about plan/apply
+# Null understands plan/apply but has no output
 
+output "organizational_units" {
+  description = "Organizational units"
+  value       = "${data.external.organizational_units.result}"
+}

resource-plan-graph.png

@@ -0,0 +1,34 @@
+#!/usr/local/bin/bash
+# #!/bin/bash
+#
+# This script is expected to be from Terraform via external provider
+
+# Get the current OU names and ids
+#
+# Parameters:
+#   aws_profile   AWS profile
+
+set -e
+eval "$(jq -r '@sh "aws_profile=\(.aws_profile)"')"
+
+root_id=$(aws organizations list-roots --profile ${aws_profile} | jq -r .Roots[0].Id)
+
+ou_exists_list=$(aws organizations list-organizational-units-for-parent --parent-id ${root_id} --profile ${aws_profile} | jq -r '.OrganizationalUnits[] | [.Name, .Id] | join(":")')
+declare -A ou_lookup
+for ou in ${ou_exists_list}; do
+  ou_lookup["${ou%%:*}"]="${ou##*:}"
+done
+
+# can only return strings
+#echo "{\
+# \"ou_names\": $(echo -n "${!ou_lookup[@]}" | jq -cRs 'split(" ")'),\
+# \"ou_ids\": $(echo -n "${ou_lookup[@]}" | jq -cRs 'split(" ")') \
+#}"
+
+json="{"
+for ou in "${!ou_lookup[@]}"; do
+  json="${json} \"${ou}\":\"${ou_lookup[${ou}]}\","
+done
+json="${json%%,}"
+json="${json} }"
+echo "${json}"

scripts/get_ous.sh

@@ -38,6 +38,20 @@ for ou in ${ou_list}; do
   fi
 done
 
+ou_exists_list=$(aws organizations list-organizational-units-for-parent --parent-id ${root_id} --profile ${aws_profile} | jq -r '.OrganizationalUnits[] | [.Name, .Id] | join(":")')
+declare -A ou_lookup
+for ou in ${ou_exists_list}; do
+  ou_lookup["${ou%%:*}"]="${ou##*:}"
+done
+
 # OUs: core, environments
 # What data should be outputted?
-jq -n --arg aws_profile "$aws_profile" '{"aws_profile":$aws_profile}'
+#   all OU names and IDs
+#   format?
+#   Other things will need to be able lookup OU ID
+#   2 ordered lists ${!ou_lookup[@]} ${ou_lookup[@]}
+
+echo "{\
+ \"ou_names\":$(echo -n "${!ou_lookup[@]}" | jq -cRs 'split(" ")'),\
+ \"ou_ids\":$(echo -n "${ou_lookup[@]}" | jq -cRs 'split(" ")') \
+}"