From 73b3e75c39f6b87924cadfc8bc89609b04dec9d4 Mon Sep 17 00:00:00 2001
From: badra001
Date: Fri, 24 Feb 2023 12:54:09 -0500
Subject: [PATCH] fix
---
 share-resources/README.md | 1 -
 share-resources/data.org_master.tf | 7 +++++++
 share-resources/share.tf | 2 +-
 3 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/share-resources/README.md b/share-resources/README.md
index 0ed08e0..bb9833a 100644
--- a/share-resources/README.md
+++ b/share-resources/README.md
@@ -38,7 +38,6 @@ No modules.
 | [aws_caller_identity.org_master_account](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_iam_account_alias.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_account_alias) | data source |
 | [aws_organizations_organization.org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/organizations_organization) | data source |
-| [aws_organizations_organizational_unit_descendant_accounts.accounts](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/organizations_organizational_unit_descendant_accounts) | data source |
 | [aws_organizations_resource_tags.accounts](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/organizations_resource_tags) | data source |
 | [aws_organizations_resource_tags.organizational_units](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/organizations_resource_tags) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
diff --git a/share-resources/data.org_master.tf b/share-resources/data.org_master.tf
index 900769e..eb77e3d 100644
--- a/share-resources/data.org_master.tf
+++ b/share-resources/data.org_master.tf
@@ -6,3 +6,10 @@ data "aws_arn" "org_master_account" {
 provider = aws.org_master
 arn = data.aws_caller_identity.org_master_account.arn
 }
+
+
+# because we cannot delegate an orgs administrator in govcloud, we have to use the org master account and west region
+# https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/govcloud-organizations.html
+data "aws_organizations_organization" "org" {
+ provider = aws.org_master
+}
diff --git a/share-resources/share.tf b/share-resources/share.tf
index f909785..101dcec 100644
--- a/share-resources/share.tf
+++ b/share-resources/share.tf
@@ -78,7 +78,7 @@ resource "aws_ram_resource_association" "subnets_accounts" {
 # organizational units
 #---
 locals {
- share_organizatonal_unit_map = { for p in setproduct(keys(local.subnets), keys(local.share_ou_arns)) : format("%v:%v", p[0], p[1]) => {
+ share_organizational_unit_map = { for p in setproduct(keys(local.subnets), keys(local.share_ou_arns)) : format("%v:%v", p[0], p[1]) => {
 label = format("%v:%v", p[0], p[1])
 subnet_id = p[0]
 subnet_arn = local.subnets[p[0]].arn
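Review bot: The new `data "aws_organizations_organization" "org"` block in data.org_master.tf reads through the management-account provider `aws.org_master`, and nothing in the hunk records what that provider's role is allowed to do; its configuration is outside the diff, so this is a request to confirm rather than a finding. If the alias is only needed for lookups like this one, the role behind it should be limited to Organizations read actions, and the comment could say so, e.g. `# aws.org_master is used for read-only Organizations lookups; keep its role limited to organizations:Describe*/List*`. The comment also mentions the west region, but the region comes from the provider alias rather than from this block, so a pointer to where the alias is defined would help the next reader. The README already listed `aws_organizations_organization.org` before this change, so it is worth checking that no second declaration of the same data source remains elsewhere in the module.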