Stax has added a new Stax Workload default parameter, StaxAwsOrgId, to allow access to your AWS Organization ID when deploying Stax Workloads.

Use this new parameter to easily access your AWS Organization ID value to allow Organization-wide IAM permissions.

For more information on using AWS Organizational IAM permissions, see this blog post from AWS.

Example:

The following example grants s3:GetObject on a S3 bucket access to all accounts in your AWS Organization. ```yaml AWSTemplateFormatVersion: "2010-09-09" Parameters: StaxAwsOrgId: Type: "String" Resources: S3Bucket: Type: "AWS::S3::Bucket" Properties: BucketName: "my-s3-bucket" S3BucketPolicy: Type: "AWS::S3::BucketPolicy" Properties: Bucket: !Ref S3Bucket PolicyDocument: Statement: - Action: - "s3:GetObject" Effect: Allow Resource: Fn::Join: - "" - - "arn:aws:s3:::" - !Ref S3Bucket - / Principal: "" Condition: StringEquals: aws:PrincipalOrgID: - !Ref StaxAwsOrgId

```