diff --git a/ldap-ou-create/README.md b/ldap-ou-create/README.md
index e9d35f2..d3f18bd 100644
--- a/ldap-ou-create/README.md
+++ b/ldap-ou-create/README.md
@@ -5,20 +5,8 @@ The [ldap-provider](https://github.e.it.census.gov/terraform/support/tree/master
This has to be done before creating any roles with `aws-iam-role` and LDAP creation enabled.
There are some quirks to the `ldap-provider` (we use [this](https://github.com/Pryz/terraform-provider-ldap) one), where if any
-details change in the DN or the DN cannot be constructed due to missing data, a *tcp connection closed* message occurs.
-
-Because of this quirk, this is a two-step apply. The first step creates the IAM role and creates an LDIF file in
-`setup/{role-name}.ldif`. It uses the presence of this file to create the LDAP object in the second step. Example:
-
-1. Step 1, creates null resource
-```console
-% terraform apply -target=module.ou
-```
-
-2. Step 2, creates ldap object
-```console
-% terraform apply -target=module.ou
-```
+details change in the DN or the DN cannot be constructed due to missing data, a *tcp connection closed* message occurs. However, for this
+one, there are no changes to the resource which are dynamic, so it can be done normally in just one step.
# Usage
@@ -85,7 +73,4 @@ No modules.
## Outputs
-| Name | Description |
-|------|-------------|
-| [role\_arn](#output\_role\_arn) | Created role ARN |
-| [role\_name](#output\_role\_name) | Created role name |
+No outputs.
diff --git a/ldap-ou-create/main.tf b/ldap-ou-create/main.tf
index 446edd9..fb43c29 100644
--- a/ldap-ou-create/main.tf
+++ b/ldap-ou-create/main.tf
@@ -6,20 +6,8 @@
* This has to be done before creating any roles with `aws-iam-role` and LDAP creation enabled.
*
* There are some quirks to the `ldap-provider` (we use [this](https://github.com/Pryz/terraform-provider-ldap) one), where if any
-* details change in the DN or the DN cannot be constructed due to missing data, a *tcp connection closed* message occurs.
-*
-* Because of this quirk, this is a two-step apply. The first step creates the IAM role and creates an LDIF file in
-* `setup/{role-name}.ldif`. It uses the presence of this file to create the LDAP object in the second step. Example:
-*
-* 1. Step 1, creates null resource
-* ```console
-* % terraform apply -target=module.ou
-* ```
-*
-* 2. Step 2, creates ldap object
-* ```console
-* % terraform apply -target=module.ou
-* ```
+* details change in the DN or the DN cannot be constructed due to missing data, a *tcp connection closed* message occurs. However, for this
+* one, there are no changes to the resource which are dynamic, so it can be done normally in just one step.
*
* # Usage
*
@@ -79,7 +67,8 @@ resource "null_resource" "ou_ldif" {
}
resource "ldap_object" "ou" {
- count = local.ldap_exists && local.enable_ldap ? 1 : 0
+ # count = local.ldap_exists && local.enable_ldap ? 1 : 0
+ count = local.enable_ldap ? 1 : 0
provider = ldap
dn = format("ou=%s,ou=AWS,ou=Cloud,ou=Application,o=U.S. Census Bureau,c=US", local.account_id)
object_classes = [
diff --git a/ldap-ou-create/outputs.tf b/ldap-ou-create/outputs.tf
index 9f9435c..e69de29 100644
--- a/ldap-ou-create/outputs.tf
+++ b/ldap-ou-create/outputs.tf
@@ -1,10 +0,0 @@
-
-output "role_arn" {
- description = "Created role ARN"
- value = aws_iam_role.role.arn
-}
-
-output "role_name" {
- description = "Created role name"
- value = aws_iam_role.role.name
-}