Merge pull request #33408 from danquack/22909

Add org unit data source

.changelog/33408.txt

@@ -0,0 +1,3 @@
+```release-note:new-data-source
+aws_organizations_organizational_unit
+```

internal/service/organizations/organizational_unit_data_source.go

@@ -0,0 +1,64 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package organizations
+
+import (
+	"context"
+
+	"github.com/YakDriver/regexache"
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/organizations"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+	"github.com/hashicorp/terraform-provider-aws/internal/conns"
+	"github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag"
+)
+
+// @SDKDataSource("aws_organizations_organizational_unit", name="Organizational Unit")
+func DataSourceOrganizationalUnit() *schema.Resource {
+	return &schema.Resource{
+		ReadWithoutTimeout: dataSourceOrganizationalUnitRead,
+
+		Schema: map[string]*schema.Schema{
+			"arn": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"parent_id": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: validation.StringMatch(regexache.MustCompile("^(r-[0-9a-z]{4,32})|(ou-[0-9a-z]{4,32}-[0-9a-z]{8,32})$"), "see https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreateOrganizationalUnit.html#organizations-CreateOrganizationalUnit-request-ParentId"),
+			},
+		},
+	}
+}
+
+func dataSourceOrganizationalUnitRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	var diags diag.Diagnostics
+	conn := meta.(*conns.AWSClient).OrganizationsConn(ctx)
+
+	name := d.Get("name").(string)
+	parentID := d.Get("parent_id").(string)
+	input := &organizations.ListOrganizationalUnitsForParentInput{
+		ParentId: aws.String(parentID),
+	}
+
+	ou, err := findOrganizationalUnitForParent(ctx, conn, input, func(v *organizations.OrganizationalUnit) bool {
+		return aws.StringValue(v.Name) == name
+	})
+
+	if err != nil {
+		return sdkdiag.AppendErrorf(diags, "reading Organizations Organizational Unit (%s/%s): %s", parentID, name, err)
+	}
+
+	d.SetId(aws.StringValue(ou.Id))
+	d.Set("arn", ou.Arn)
+
+	return diags
+}

internal/service/organizations/organizational_unit_data_source_test.go

@@ -0,0 +1,59 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package organizations_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/service/organizations"
+	sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-provider-aws/internal/acctest"
+)
+
+func testAccOrganizationalUnitDataSource_basic(t *testing.T) {
+	ctx := acctest.Context(t)
+	resourceName := "aws_organizations_organizational_unit.child"
+	dataSourceName := "data.aws_organizations_organizational_unit.test"
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			acctest.PreCheck(ctx, t)
+			acctest.PreCheckOrganizationManagementAccount(ctx, t)
+		},
+		ErrorCheck:               acctest.ErrorCheck(t, organizations.EndpointsID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccOrganizationalUnitDataSourceConfig_basic(rName),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttrPair(dataSourceName, "arn", resourceName, "arn"),
+				),
+			},
+		},
+	})
+}
+
+func testAccOrganizationalUnitDataSourceConfig_basic(rName string) string {
+	return fmt.Sprintf(`
+data "aws_organizations_organization" "current" {}
+
+resource "aws_organizations_organizational_unit" "parent" {
+  name      = %[1]q
+  parent_id = data.aws_organizations_organization.current.roots[0].id
+}
+
+resource "aws_organizations_organizational_unit" "child" {
+  name      = %[1]q
+  parent_id = aws_organizations_organizational_unit.parent.id
+}
+
+data "aws_organizations_organizational_unit" "test" {
+  name      = aws_organizations_organizational_unit.child.name
+  parent_id = aws_organizations_organizational_unit.parent.id
+}
+`, rName)
+}

internal/service/organizations/organizational_unit_descendant_accounts_data_source.go

@@ -88,7 +88,7 @@ func findAllAccountsForParentAndBelow(ctx context.Context, conn *organizations.O
 
 	output = append(output, accounts...)
 
-	ous, err := findOrganizationalUnitsForParent(ctx, conn, id)
+	ous, err := findOrganizationalUnitsForParentByID(ctx, conn, id)
 
 	if err != nil {
 		return nil, err

internal/service/organizations/organizational_units_data_source.go

@@ -8,10 +8,14 @@ import (
 
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/organizations"
+	"github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-provider-aws/internal/conns"
 	"github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag"
+	tfslices "github.com/hashicorp/terraform-provider-aws/internal/slices"
+	"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
 )
 
 // @SDKDataSource("aws_organizations_organizational_units")
@@ -53,7 +57,7 @@ func dataSourceOrganizationalUnitsRead(ctx context.Context, d *schema.ResourceDa
 	conn := meta.(*conns.AWSClient).OrganizationsConn(ctx)
 
 	parentID := d.Get("parent_id").(string)
-	children, err := findOrganizationalUnitsForParent(ctx, conn, parentID)
+	children, err := findOrganizationalUnitsForParentByID(ctx, conn, parentID)
 
 	if err != nil {
 		return sdkdiag.AppendErrorf(diags, "listing Organizations Organization Units for parent (%s): %s", parentID, err)
@@ -67,18 +71,48 @@ func dataSourceOrganizationalUnitsRead(ctx context.Context, d *schema.ResourceDa
 	return diags
 }
 
-func findOrganizationalUnitsForParent(ctx context.Context, conn *organizations.Organizations, id string) ([]*organizations.OrganizationalUnit, error) {
+func findOrganizationalUnitsForParentByID(ctx context.Context, conn *organizations.Organizations, id string) ([]*organizations.OrganizationalUnit, error) {
 	input := &organizations.ListOrganizationalUnitsForParentInput{
 		ParentId: aws.String(id),
 	}
+
+	return findOrganizationalUnitsForParent(ctx, conn, input, tfslices.PredicateTrue[*organizations.OrganizationalUnit]())
+}
+
+func findOrganizationalUnitForParent(ctx context.Context, conn *organizations.Organizations, input *organizations.ListOrganizationalUnitsForParentInput, filter tfslices.Predicate[*organizations.OrganizationalUnit]) (*organizations.OrganizationalUnit, error) {
+	output, err := findOrganizationalUnitsForParent(ctx, conn, input, filter)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return tfresource.AssertSinglePtrResult(output)
+}
+
+func findOrganizationalUnitsForParent(ctx context.Context, conn *organizations.Organizations, input *organizations.ListOrganizationalUnitsForParentInput, filter tfslices.Predicate[*organizations.OrganizationalUnit]) ([]*organizations.OrganizationalUnit, error) {
 	var output []*organizations.OrganizationalUnit
 
 	err := conn.ListOrganizationalUnitsForParentPagesWithContext(ctx, input, func(page *organizations.ListOrganizationalUnitsForParentOutput, lastPage bool) bool {
-		output = append(output, page.OrganizationalUnits...)
+		if page == nil {
+			return !lastPage
+		}
+
+		for _, v := range page.OrganizationalUnits {
+			if v != nil && filter(v) {
+				output = append(output, v)
+			}
+		}
 
 		return !lastPage
 	})
 
+	if tfawserr.ErrCodeEquals(err, organizations.ErrCodeParentNotFoundException) {
+		return nil, &retry.NotFoundError{
+			LastError:   err,
+			LastRequest: input,
+		}
+	}
+
 	if err != nil {
 		return nil, err
 	}

internal/service/organizations/organizations_test.go

@@ -45,13 +45,14 @@ func TestAccOrganizations_serial(t *testing.T) {
 			"GovCloud":        testAccAccount_govCloud,
 		},
 		"OrganizationalUnit": {
-			"basic":                        testAccOrganizationalUnit_basic,
-			"disappears":                   testAccOrganizationalUnit_disappears,
-			"update":                       testAccOrganizationalUnit_update,
-			"tags":                         testAccOrganizationalUnit_tags,
-			"ChildAccountsDataSource":      testAccOrganizationalUnitChildAccountsDataSource_basic,
-			"DescendantAccountsDataSource": testAccOrganizationalUnitDescendantAccountsDataSource_basic,
-			"PluralDataSource":             testAccOrganizationalUnitsDataSource_basic,
+			"basic":                              testAccOrganizationalUnit_basic,
+			"disappears":                         testAccOrganizationalUnit_disappears,
+			"update":                             testAccOrganizationalUnit_update,
+			"tags":                               testAccOrganizationalUnit_tags,
+			"DataSource_basic":                   testAccOrganizationalUnitDataSource_basic,
+			"ChildAccountsDataSource_basic":      testAccOrganizationalUnitChildAccountsDataSource_basic,
+			"DescendantAccountsDataSource_basic": testAccOrganizationalUnitDescendantAccountsDataSource_basic,
+			"PluralDataSource_basic":             testAccOrganizationalUnitsDataSource_basic,
 		},
 		"Policy": {
 			"basic":                  testAccPolicy_basic,

website/docs/cdktf/python/r/organizations_organizational_unit.html.markdown

@@ -73,4 +73,4 @@ Using `terraform import`, import AWS Organizations Organizational Units using th
 % terraform import aws_organizations_organizational_unit.example ou-1234567
 ```
 
-<!-- cache-key: cdktf-0.18.0 input-e83646b093e28cb1e4ec4a1afa0a1e1832d418c207b7f14b799f6e614b256dc8 -->
+<!-- cache-key: cdktf-0.18.0 input-e83646b093e28cb1e4ec4a1afa0a1e1832d418c207b7f14b799f6e614b256dc8 -->

website/docs/cdktf/typescript/r/organizations_organizational_unit.html.markdown

@@ -80,4 +80,4 @@ Using `terraform import`, import AWS Organizations Organizational Units using th
 % terraform import aws_organizations_organizational_unit.example ou-1234567
 ```
 
-<!-- cache-key: cdktf-0.18.0 input-e83646b093e28cb1e4ec4a1afa0a1e1832d418c207b7f14b799f6e614b256dc8 -->
+<!-- cache-key: cdktf-0.18.0 input-e83646b093e28cb1e4ec4a1afa0a1e1832d418c207b7f14b799f6e614b256dc8 -->

website/docs/d/organizations_organizational_unit.html.markdown

@@ -0,0 +1,40 @@
+---
+subcategory: "Organizations"
+layout: "aws"
+page_title: "AWS: aws_organizations_organizational_unit"
+description: |-
+  Terraform data source for getting an AWS Organizations Organizational Unit.
+---
+
+# Data Source: aws_organizations_organizational_unit
+
+Terraform data source for getting an AWS Organizations Organizational Unit.
+
+## Example Usage
+
+### Basic Usage
+
+```terraform
+data "aws_organizations_organization" "org" {}
+
+data "aws_organizations_organizational_unit" "ou" {
+  parent_id = data.aws_organizations_organization.org.roots[0].id
+  name      = "dev"
+}
+```
+
+## Argument Reference
+
+The following arguments are required:
+
+* `parent_id` - (Required) Parent ID of the organizational unit.
+
+* `name` - (Required) Name of the organizational unit
+
+## Attribute Reference
+
+This data source exports the following attributes in addition to the arguments above:
+
+* `arn` - ARN of the organizational unit
+
+* `id` - ID of the organizational unit