From d052e944d5274132765168560c9be4990ea1e531 Mon Sep 17 00:00:00 2001
From: danielw-aws
Date: Wed, 31 May 2023 11:23:33 -0700
Subject: [PATCH 1/5] added all files for policies for target (changelogs, data source, tests and service package)
---
.changelog/30687.txt | 3 +
.../policies_for_target_data_source.go | 127 ++++++++++++++++++
.../policies_for_target_data_source_test.go | 85 ++++++++++++
.../organizations/service_package_gen.go | 4 +
...izations_policies_for_target.html.markdown | 43 ++++++
.../docs/d/organizations_policy.html.markdown | 2 +-
6 files changed, 263 insertions(+), 1 deletion(-)
create mode 100644 .changelog/30687.txt
create mode 100644 internal/service/organizations/policies_for_target_data_source.go
create mode 100644 internal/service/organizations/policies_for_target_data_source_test.go
create mode 100644 website/docs/d/organizations_policies_for_target.html.markdown
diff --git a/.changelog/30687.txt b/.changelog/30687.txt
new file mode 100644
index 000000000000..817026ff0748
--- /dev/null
+++ b/.changelog/30687.txt
@@ -0,0 +1,3 @@
+```release-note:new-data-source
+aws_organizations_policies_for_target
+```
\ No newline at end of file
diff --git a/internal/service/organizations/policies_for_target_data_source.go b/internal/service/organizations/policies_for_target_data_source.go
new file mode 100644
index 000000000000..5ee5c6b4298d
--- /dev/null
+++ b/internal/service/organizations/policies_for_target_data_source.go
@@ -0,0 +1,127 @@
+package organizations
+
+import (
+ "context"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/service/organizations"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "github.com/hashicorp/terraform-provider-aws/internal/conns"
+ "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag"
+)
+
+// @SDKDataSource("aws_organizations_policies_for_target")
+func DataSourcePoliciesForTarget() *schema.Resource {
+ return &schema.Resource{
+ ReadWithoutTimeout: dataSourcePoliciesForTargetRead,
+
+ Schema: map[string]*schema.Schema{
+ "target_id": {
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "filter": {
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "policies": {
+ Type: schema.TypeList,
+ Computed: true,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "arn": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "aws_managed": {
+ Type: schema.TypeBool,
+ Computed: true,
+ },
+ "description": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "id": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "name": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "type": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ },
+ },
+ },
+ },
+ }
+}
+
+const (
+ DSNamePoliciesForTarget = "PoliciesForTarget Data Source"
+)
+
+func dataSourcePoliciesForTargetRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+ var diags diag.Diagnostics
+
+ conn := meta.(*conns.AWSClient).OrganizationsConn()
+
+ targetID := d.Get("target_id").(string)
+ filter := d.Get("filter").(string)
+
+ policies, err := findPoliciesForTarget(ctx, conn, targetID, filter)
+ if err != nil {
+ return sdkdiag.AppendErrorf(diags, "listing Organizations Policies for target (%s): %s", targetID, err)
+ }
+
+ d.SetId(targetID)
+ d.Set("filter", filter)
+
+ if err := d.Set("policies", FlattenOrganizationPolicies(policies)); err != nil {
+ return sdkdiag.AppendErrorf(diags, "setting policies: %s", err)
+ }
+
+ return diags
+}
+
+func findPoliciesForTarget(ctx context.Context, conn *organizations.Organizations, id string, filter string) ([]*organizations.PolicySummary, error) {
+ input := &organizations.ListPoliciesForTargetInput{
+ TargetId: aws.String(id),
+ Filter: aws.String(filter),
+ }
+ var output []*organizations.PolicySummary
+
+ err := conn.ListPoliciesForTargetPagesWithContext(ctx, input, func(page *organizations.ListPoliciesForTargetOutput, lastPage bool) bool {
+ output = append(output, page.Policies...)
+
+ return !lastPage
+ })
+
+ if err != nil {
+ return nil, err
+ }
+
+ return output, nil
+}
+
+func FlattenOrganizationPolicies(policies []*organizations.PolicySummary) []map[string]interface{} {
+ if len(policies) == 0 {
+ return nil
+ }
+ var result []map[string]interface{}
+ for _, policy := range policies {
+ result = append(result, map[string]interface{}{
+ "arn": aws.StringValue(policy.Arn),
+ "aws_managed": aws.BoolValue(policy.AwsManaged),
+ "description": aws.StringValue(policy.Description),
+ "id": aws.StringValue(policy.Id),
+ "name": aws.StringValue(policy.Name),
+ "type": aws.StringValue(policy.Type),
+ })
+ }
+ return result
+}
diff --git a/internal/service/organizations/policies_for_target_data_source_test.go b/internal/service/organizations/policies_for_target_data_source_test.go
new file mode 100644
index 000000000000..0bdaa9dd43d3
--- /dev/null
+++ b/internal/service/organizations/policies_for_target_data_source_test.go
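Review bot: The `filter` argument in `DataSourcePoliciesForTarget` (in policies_for_target_data_source.go) is a free-form required string, so a typo or unsupported policy type is presumably only rejected by the Organizations API at read time rather than at plan time. Since this value selects which class of guardrail is listed for the target, I would constrain it with `ValidateFunc: validation.StringInSlice(organizations.PolicyType_Values(), false),`, which needs the plugin SDK `helper/validation` import. The schema hunk in PATCH 5/5 reorders the attributes but leaves `filter` unvalidated as well. Separately, the paging callback in `findPoliciesForTarget` reads `page.Policies` without a guard; `if page == nil { return !lastPage }` before the append would avoid a nil dereference if the SDK ever passes a nil page.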
@@ -0,0 +1,85 @@
+package organizations_test
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/aws/aws-sdk-go/service/organizations"
+ sdkacctest "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+ "github.com/hashicorp/terraform-provider-aws/internal/acctest"
+)
+
+func TestAccPoliciesForTargetDataSource_basic(t *testing.T) {
+ ctx := acctest.Context(t)
+ dataSourceName := "data.aws_organizations_policies_for_target.test"
+ policyResourceName := "data.aws_organizations_policy.test"
+ rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() {
+ acctest.PreCheck(ctx, t)
+ acctest.PreCheckOrganizationManagementAccount(ctx, t)
+ },
+ ErrorCheck: acctest.ErrorCheck(t, organizations.EndpointsID),
+ ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccPoliciesForTargetDataSourceConfig_AttachQuery(rName),
+ Check: resource.ComposeTestCheckFunc(
+ acctest.CheckResourceAttrGreaterThanValue("data.aws_organizations_policies_for_target.test", "policies.#", "0"),
+ resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.arn", policyResourceName, "arn"),
+ resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.id", policyResourceName, "id"),
+ resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.name", policyResourceName, "name"),
+ resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.description", policyResourceName, "description"),
+ resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.type", policyResourceName, "type"),
+ ),
+ },
+ },
+ })
+}
+
+func testAccPoliciesForTargetDataSourceConfig_AttachQuery(rName string) string {
+ return fmt.Sprintf(`
+data "aws_organizations_organization" "test" {
+}
+
+resource "aws_organizations_organizational_unit" "test" {
+ name = %[1]q
+ parent_id = data.aws_organizations_organization.test.roots[0].id
+} + +resource "aws_organizations_policy" "test" { + depends_on = [data.aws_organizations_organization.test] + + content = < Date: Wed, 31 May 2023 11:31:13 -0700 Subject: [PATCH 2/5] changed pull request change log --- .changelog/{30687.txt => 31682.txt} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .changelog/{30687.txt => 31682.txt} (100%) diff --git a/.changelog/30687.txt b/.changelog/31682.txt similarity index 100% rename from .changelog/30687.txt rename to .changelog/31682.txt From 69d10b2be9deab4e8a90bcfea0b172f3433c9623 Mon Sep 17 00:00:00 2001 From: danielw-aws Date: Wed, 31 May 2023 11:57:03 -0700 Subject: [PATCH 3/5] fixed testing naming convention --- .../organizations/policies_for_target_data_source_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/service/organizations/policies_for_target_data_source_test.go b/internal/service/organizations/policies_for_target_data_source_test.go index 0bdaa9dd43d3..c4178c355d98 100644 --- a/internal/service/organizations/policies_for_target_data_source_test.go +++ b/internal/service/organizations/policies_for_target_data_source_test.go @@ -10,7 +10,7 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/acctest" ) -func TestAccPoliciesForTargetDataSource_basic(t *testing.T) { +func TestAccOrganizationsPoliciesForTargetDataSource_basic(t *testing.T) { ctx := acctest.Context(t) dataSourceName := "data.aws_organizations_policies_for_target.test" policyResourceName := "data.aws_organizations_policy.test" 
@@ -25,7 +25,7 @@ func TestAccPoliciesForTargetDataSource_basic(t *testing.T) { ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, Steps: []resource.TestStep{ { - Config: testAccPoliciesForTargetDataSourceConfig_AttachQuery(rName), + Config: testAccOrganizationsPoliciesForTargetDataSourceConfig_AttachQuery(rName), Check: resource.ComposeTestCheckFunc( acctest.CheckResourceAttrGreaterThanValue("data.aws_organizations_policies_for_target.test", "policies.#", "0"), resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.arn", policyResourceName, "arn"), @@ -39,7 +39,7 @@ func TestAccPoliciesForTargetDataSource_basic(t *testing.T) { }) } -func testAccPoliciesForTargetDataSourceConfig_AttachQuery(rName string) string { +func testAccOrganizationsPoliciesForTargetDataSourceConfig_AttachQuery(rName string) string { return fmt.Sprintf(` data "aws_organizations_organization" "test" { } From e301d5f8f8ece236c5d939da328b3d90edd01231 Mon Sep 17 00:00:00 2001 From: danielw-aws Date: Wed, 31 May 2023 12:02:27 -0700 Subject: [PATCH 4/5] fixed config name --- .../organizations/policies_for_target_data_source_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/service/organizations/policies_for_target_data_source_test.go b/internal/service/organizations/policies_for_target_data_source_test.go index c4178c355d98..7a167ca72241 100644 --- a/internal/service/organizations/policies_for_target_data_source_test.go +++ b/internal/service/organizations/policies_for_target_data_source_test.go 
@@ -25,7 +25,7 @@ func TestAccOrganizationsPoliciesForTargetDataSource_basic(t *testing.T) { ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, Steps: []resource.TestStep{ { - Config: testAccOrganizationsPoliciesForTargetDataSourceConfig_AttachQuery(rName), + Config: testAccPoliciesForTargetDataSourceConfig_AttachQuery(rName), Check: resource.ComposeTestCheckFunc( acctest.CheckResourceAttrGreaterThanValue("data.aws_organizations_policies_for_target.test", "policies.#", "0"), resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.arn", policyResourceName, "arn"), @@ -39,7 +39,7 @@ func TestAccOrganizationsPoliciesForTargetDataSource_basic(t *testing.T) { }) } -func testAccOrganizationsPoliciesForTargetDataSourceConfig_AttachQuery(rName string) string { +func testAccPoliciesForTargetDataSourceConfig_AttachQuery(rName string) string { return fmt.Sprintf(` data "aws_organizations_organization" "test" { } From cb789a8488dfc1451283f852a62e1afc696eba21 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 15 Jun 2023 11:05:38 -0400 Subject: [PATCH 5/5] d/aws_organizations_policies_for_target: Return just 'ids'. --- .../policies_for_target_data_source.go | 80 ++++--------------- .../policies_for_target_data_source_test.go | 22 +++-- ...izations_policies_for_target.html.markdown | 21 +++-- 3 files changed, 35 insertions(+), 88 deletions(-) diff --git a/internal/service/organizations/policies_for_target_data_source.go b/internal/service/organizations/policies_for_target_data_source.go index 824f35c0b833..50e7fcaecbbc 100644 --- a/internal/service/organizations/policies_for_target_data_source.go +++ b/internal/service/organizations/policies_for_target_data_source.go 
@@ -17,54 +17,23 @@ func DataSourcePoliciesForTarget() *schema.Resource { ReadWithoutTimeout: dataSourcePoliciesForTargetRead, Schema: map[string]*schema.Schema{ - "target_id": { - Type: schema.TypeString, - Required: true, - }, "filter": { Type: schema.TypeString, Required: true, }, - "policies": { + "ids": { Type: schema.TypeList, Computed: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "arn": { - Type: schema.TypeString, - Computed: true, - }, - "aws_managed": { - Type: schema.TypeBool, - Computed: true, - }, - "description": { - Type: schema.TypeString, - Computed: true, - }, - "id": { - Type: schema.TypeString, - Computed: true, - }, - "name": { - Type: schema.TypeString, - Computed: true, - }, - "type": { - Type: schema.TypeString, - Computed: true, - }, - }, - }, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "target_id": { + Type: schema.TypeString, + Required: true, }, }, } } -const ( - DSNamePoliciesForTarget = "PoliciesForTarget Data Source" -) - func dataSourcePoliciesForTargetRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics 
@@ -72,26 +41,29 @@ func dataSourcePoliciesForTargetRead(ctx context.Context, d *schema.ResourceData targetID := d.Get("target_id").(string) filter := d.Get("filter").(string) - policies, err := findPoliciesForTarget(ctx, conn, targetID, filter) + if err != nil { - return sdkdiag.AppendErrorf(diags, "listing Organizations Policies for target (%s): %s", targetID, err) + return sdkdiag.AppendErrorf(diags, "listing Organizations Policies (%s) for target (%s): %s", filter, targetID, err) } - d.SetId(targetID) - d.Set("filter", filter) + var policyIDs []string - if err := d.Set("policies", FlattenOrganizationPolicies(policies)); err != nil { - return sdkdiag.AppendErrorf(diags, "setting policies: %s", err) + for _, v := range policies { + policyIDs = append(policyIDs, aws.StringValue(v.Id)) } + d.SetId(targetID) + + d.Set("ids", policyIDs) + return diags } -func findPoliciesForTarget(ctx context.Context, conn *organizations.Organizations, id string, filter string) ([]*organizations.PolicySummary, error) { +func findPoliciesForTarget(ctx context.Context, conn *organizations.Organizations, targetID string, filter string) ([]*organizations.PolicySummary, error) { input := &organizations.ListPoliciesForTargetInput{ - TargetId: aws.String(id), Filter: aws.String(filter), + TargetId: aws.String(targetID), } var output []*organizations.PolicySummary 
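Review bot: `d.Set("ids", policyIDs)` near the end of `dataSourcePoliciesForTargetRead` drops the error return, whereas the code it replaces checked the result of setting `policies`. If the set failed, `ids` would likely be left empty with no diagnostic, and a configuration that uses this list to confirm which policies are attached to a target could read that as none attached. I would keep the check: `if err := d.Set("ids", policyIDs); err != nil { return sdkdiag.AppendErrorf(diags, "setting ids: %s", err) }`. The function begins above this hunk, and the hunk also runs into the start of `findPoliciesForTarget`.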
@@ -107,21 +79,3 @@ func findPoliciesForTarget(ctx context.Context, conn *organizations.Organization return output, nil } - -func FlattenOrganizationPolicies(policies []*organizations.PolicySummary) []map[string]interface{} { - if len(policies) == 0 { - return nil - } - var result []map[string]interface{} - for _, policy := range policies { - result = append(result, map[string]interface{}{ - "arn": aws.StringValue(policy.Arn), - "aws_managed": aws.BoolValue(policy.AwsManaged), - "description": aws.StringValue(policy.Description), - "id": aws.StringValue(policy.Id), - "name": aws.StringValue(policy.Name), - "type": aws.StringValue(policy.Type), - }) - } - return result -} diff --git a/internal/service/organizations/policies_for_target_data_source_test.go b/internal/service/organizations/policies_for_target_data_source_test.go index 1a2a057b0d9c..f368cbe5e8e3 100644 --- a/internal/service/organizations/policies_for_target_data_source_test.go +++ b/internal/service/organizations/policies_for_target_data_source_test.go @@ -12,14 +12,13 @@ import ( func TestAccOrganizationsPoliciesForTargetDataSource_basic(t *testing.T) { ctx := acctest.Context(t) - dataSourceName := "data.aws_organizations_policies_for_target.test" - policyResourceName := "data.aws_organizations_policy.test" + datasourceName := "data.aws_organizations_policies_for_target.test" rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) - acctest.PreCheckOrganizationManagementAccount(ctx, t) + acctest.PreCheckOrganizationsAccount(ctx, t) }, ErrorCheck: acctest.ErrorCheck(t, organizations.EndpointsID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, 
@@ -27,12 +26,7 @@ func TestAccOrganizationsPoliciesForTargetDataSource_basic(t *testing.T) { { Config: testAccPoliciesForTargetDataSourceConfig_AttachQuery(rName), Check: resource.ComposeTestCheckFunc( - acctest.CheckResourceAttrGreaterThanValue("data.aws_organizations_policies_for_target.test", "policies.#", 0), - resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.arn", policyResourceName, "arn"), - resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.id", policyResourceName, "id"), - resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.name", policyResourceName, "name"), - resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.description", policyResourceName, "description"), - resource.TestCheckResourceAttrPair(dataSourceName, "policies.0.type", policyResourceName, "type"), + acctest.CheckResourceAttrGreaterThanValue(datasourceName, "ids.#", 0), ), }, }, @@ -41,16 +35,18 @@ func TestAccOrganizationsPoliciesForTargetDataSource_basic(t *testing.T) { func testAccPoliciesForTargetDataSourceConfig_AttachQuery(rName string) string { return fmt.Sprintf(` -data "aws_organizations_organization" "test" { +resource "aws_organizations_organization" "test" { + feature_set = "ALL" + enabled_policy_types = ["SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"] } resource "aws_organizations_organizational_unit" "test" { name = %[1]q - parent_id = data.aws_organizations_organization.test.roots[0].id + parent_id = aws_organizations_organization.test.roots[0].id } resource "aws_organizations_policy" "test" { - depends_on = [data.aws_organizations_organization.test] + depends_on = [aws_organizations_organization.test] content = <