Created
September 8, 2021 12:54
-
-
Save christophetd/a36dfc89323513ad1c61048a3c2dd8a6 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Ensure the AI services opt-out policy type is enabled on the Organization | |
| resource "aws_organizations_organization" "organization" { | |
| enabled_policy_types = [ | |
| # ... | |
| "AISERVICES_OPT_OUT_POLICY" | |
| ] | |
| } | |
| # Create the AI opt-out policy | |
| resource "aws_organizations_policy" "ai-optout" { | |
| name = "ai-services-optout" | |
| description = "Opt out of AI services using our data" | |
| type = "AISERVICES_OPT_OUT_POLICY" | |
| content = <<CONTENT | |
| { | |
| "services": { | |
| "default": { | |
| "opt_out_policy": { | |
| "@@assign": "optOut", | |
| "@@operators_allowed_for_child_policies": [ | |
| "@@none" | |
| ] | |
| }, | |
| "@@operators_allowed_for_child_policies": [ | |
| "@@none" | |
| ] | |
| }, | |
| "@@operators_allowed_for_child_policies": [ | |
| "@@none" | |
| ] | |
| } | |
| } | |
| CONTENT | |
| } | |
| # ... and attach it to the root of the Organization | |
| resource "aws_organizations_policy_attachment" "optout-attachment" { | |
| policy_id = aws_organizations_policy.ai-optout.id | |
| target_id = aws_organizations_organization.organization.roots[0].id | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment