search

aws-ia / terraform-aws-control_tower_account_factory

AWS Control Tower Account Factory
Apache License 2.0
604 stars 386 forks source link

Enrolling AFT-Provisioned Account in a Child OU #444

Open rihemlahmar opened 3 months ago

rihemlahmar commented 3 months ago

Terraform version v1.7.4

terraform providers AWS

Bug Description I am trying to enroll an account created with the Account Factory Tool (AFT) into a child Organizational Unit (OU) within my AWS organization. However, I am currently unable to dynamically set the ManagedOrganizationalUnit parameter within the Terraform configuration to reference the desired child OU based on the OU ID and OU name.

To Reproduce Example steps to reproduce the behavior:

control_tower_parameters = { AccountEmail = "network-test-account@gmail.com" AccountName = "network-test-account" ManagedOrganizationalUnit = "Test/Infrastructure" SSOUserEmail = "network-test-account@gmail.com" SSOUserFirstName = "Infra" SSOUserLastName = "AFT" } Expected behavior Provisioned account under the child OU Test OU

Sanjan611 commented 3 months ago

Hi @rihemlahmar , could you update your issue description with the template for submitting bugs?

michael-drinker commented 2 months ago

The issue is that your ManagedOrganizationalUnit should be in the format: Infrastructure (${infrastructure_ou_id}).