[New Data Source]: ControlCatalog ListControls & GetControls

[dcibarra]

Description

Hello - I'd like to request Data Sources for Control Catalog. Primarily ListControls and GetControls. This would be beneficial in deploying Control Tower Controls via Terraform. The existing data source aws_controltower_controls only pulls controls already applied; meaning I need to get data about the controls from outside my configuration. Currently I am using boto3 to create a .json file and ingesting this as a local variable that I can filter and iterate over to deploy controls. This is not ideal since it means my .json file might be out of sync if AWS adds new controls.

Requested Resource(s) and/or Data Source(s)

aws_controlcatalog_controls

Potential Terraform Configuration

data "aws_controlcatalog_controls" "controls" {

}

data "aws_organizations_organizations_ou" "example" {

}

resource "aws_organizations_organizational_unit" "example" {
  name = "Example"
    parent_id = data.aws_organizations_organization.example.roots[0].id
}

resource "aws_controltower_control" "dectective_control" {
  for_each = { for control in data.aws_controlcatalog_controls.controls : control.Arn => control if control.Behavior == "DETECTIVE" }
  target_identifier = aws_organizations_organizational_unit.example.arn
    control_identifier = each.value.Arn
}

References

https://docs.aws.amazon.com/controlcatalog/latest/APIReference/API_ListControls.html

Would you like to implement a fix?

No

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[dcibarra]

@justinretzolk Any update on this? Just curious what to expect for turnaround on this kind of thing. Thanks!