[AWS::Organizations::Policy] - [BUG] - Can not create multiple policies at the same time #2245

Open
rehanvdm opened this issue Jan 24, 2025 · 0 comments
Name of the resource

AWS::Organizations::Policy

Resource Name

No response

Issue Description

Cannot create multiple Org policies within 1 stack at the same time. The error: "A policy with the specified name and type already exists."

It will pick one of the policies it tries to create and then throw this error on it. When rolling back, it will then not delete this policy it has identified as being duplicate.

This error occurred when a stack update tried to create 20 Org policies, each with unique names.

To resolve this, I uncommented some Org policies and deployed in smaller batches. The biggest number I could verify is that it still works creating 9 within 1 stack update.

Expected Behavior

CFN should create the resources as expected and also not give a name conflict error, because there isn't any.

Observed Behavior

As above.

Test Cases

Negative case

  1. Create an empty stack (as baseline)
  2. Update it to create 20 Org Policies within 1 update
  3. Observe it fails with duplicate name error, even though each Org policy has a unique name

Positive case

  1. Create an empty stack (as baseline)
  2. Update the template, comment out all the Org policies
  3. Comment in 5 Org Policies, deploy and it will work. Repeat 4 times to deploy all 20 policies.

Other Details

No response
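
The batched rollout from the positive test case, as an added example (not part of the issue or of the CloudFormation project's code): it splits a template into cumulative stages that each add at most five `AWS::Organizations::Policy` resources, and holds back any resource or output that references a policy not yet included. The function names and the sample template are constructed for illustration.

```python
import copy

POLICY_TYPE = "AWS::Organizations::Policy"

def _refs(node):
    """Logical IDs referenced via Ref, Fn::GetAtt or DependsOn (Fn::Sub is not parsed)."""
    found = set()
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "Ref" and isinstance(value, str):
                found.add(value)
            elif key == "Fn::GetAtt":
                found.add(value[0] if isinstance(value, list) else value.split(".")[0])
            elif key == "DependsOn":
                found.update([value] if isinstance(value, str) else value)
            else:
                found |= _refs(value)
    elif isinstance(node, list):
        for item in node:
            found |= _refs(item)
    return found

def staged_templates(template, batch_size=5):
    """Cumulative templates; each stage adds at most batch_size Org policies."""
    resources = template.get("Resources", {})
    policies = [k for k, v in resources.items() if v.get("Type") == POLICY_TYPE]
    stages = []
    for end in range(batch_size, max(len(policies), 1) + batch_size, batch_size):
        deferred = set(policies[end:])
        changed = True
        while changed:  # also defer anything that needs a deferred resource
            changed = False
            for rid, body in resources.items():
                if rid not in deferred and _refs(body) & deferred:
                    deferred.add(rid)
                    changed = True
        stage = copy.deepcopy(template)
        stage["Resources"] = {k: v for k, v in stage["Resources"].items() if k not in deferred}
        if "Outputs" in stage:
            stage["Outputs"] = {k: v for k, v in stage["Outputs"].items() if not _refs(v) & deferred}
        stages.append(stage)
    return stages

def sample_template(count=20):
    """Constructed input: `count` SCPs plus one parameter that needs the last one."""
    scp = '{"Version":"2012-10-17","Statement":[{"Effect":"Deny","Action":"s3:DeleteBucket","Resource":"*"}]}'
    res = {f"Policy{i:02d}": {"Type": POLICY_TYPE, "Properties": {
        "Name": f"example-scp-{i:02d}", "Type": "SERVICE_CONTROL_POLICY", "Content": scp}}
        for i in range(count)}
    res["LastPolicyId"] = {"Type": "AWS::SSM::Parameter", "Properties": {
        "Type": "String", "Value": {"Ref": f"Policy{count - 1:02d}"}}}
    return {"AWSTemplateFormatVersion": "2010-09-09", "Resources": res}
```

Each stage is deployed in order as a successive update of the same stack; the default batch size of 5 is the one used in the positive case above.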
