aws-orgtool
Export / Import your AWS Organizational Structure and Policies - Attach & Validate your SCPs
General info
This tool exports your AWS Organizations structure and policies to a JSON file and imports the structure and SCPs into another AWS Organization. During import and export, a log file is written so that the processes can be traced.
Tool info:
| Releases | Author |
|---|---|
| Changelog | David Krohn Linkedin - Blog |
Usage
Structure:
Export: orgtool.py -u export -f <file.json> -p AWSPROFILE
Import: orgtool.py -u import -f <file.json> -p AWSPROFILE
Policies:
Export: orgtool.py -u export-policies -f <file.json> -p AWSPROFILE
Import: orgtool.py -u import-policies -f <file.json> -p AWSPROFILE
SCPs:
Attach-SCPs: orgtool.py -u attach-scps -f <file.json> -p AWSPROFILE
Validate-SCPs: orgtool.py -u validate-scps -f <file.json> -p AWSPROFILE
ℹ️ Uses Access Analyzer policy validation to validate your SCPs against IAM policy grammar and best practices.
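An added example, not code from aws-orgtool: a sketch of the Access Analyzer `ValidatePolicy` call with policy type `SERVICE_CONTROL_POLICY`, following `nextToken` pagination and gating attachment on the finding types. The stub client, the sample SCP, the issue codes and the rule of blocking on `ERROR` and `SECURITY_WARNING` are assumptions made for this example.

```python
import json

# Finding types that this example treats as blocking (an assumption, not the tool's rule).
BLOCKING = {"ERROR", "SECURITY_WARNING"}


def validate_scp(client, policy: dict) -> list[dict]:
    """Return all findings for one SCP document, following nextToken pagination."""
    findings, token = [], None
    while True:
        kwargs = {"policyDocument": json.dumps(policy), "policyType": "SERVICE_CONTROL_POLICY"}
        if token:
            kwargs["nextToken"] = token
        page = client.validate_policy(**kwargs)
        findings.extend(page.get("findings", []))
        token = page.get("nextToken")
        if not token:
            return findings


def safe_to_attach(findings: list[dict]) -> bool:
    """Allow attachment only when no finding is an ERROR or SECURITY_WARNING."""
    return not any(f["findingType"] in BLOCKING for f in findings)


class StubAnalyzer:
    """Constructed stand-in for the accessanalyzer client so the example runs offline."""

    def __init__(self, pages):
        self.pages, self.calls = pages, []

    def validate_policy(self, **kwargs):
        self.calls.append(kwargs)
        return self.pages[len(self.calls) - 1]


# Constructed sample SCP and constructed two-page response (issue codes are placeholders).
SAMPLE_SCP = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Deny", "Action": "organizations:LeaveOrganization", "Resource": "*"}]}
SAMPLE_PAGES = [
    {"findings": [{"findingType": "SUGGESTION", "issueCode": "EXAMPLE_SUGGESTION"}], "nextToken": "t1"},
    {"findings": [{"findingType": "ERROR", "issueCode": "EXAMPLE_ERROR"}]},
]

if __name__ == "__main__":
    # Real use (assumes boto3): boto3.Session(profile_name="AWSPROFILE").client("accessanalyzer")
    found = validate_scp(StubAnalyzer(SAMPLE_PAGES), SAMPLE_SCP)
    print([f["findingType"] for f in found], "safe to attach:", safe_to_attach(found))
```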
Visualization:
Visualize Organization with graphviz: orgtool.py -u visualize-organization-graphviz -f <file.json> -p AWSPROFILE
ℹ️ Visualize Organization currently uses Graphviz; please install it before using the function.

Visualize Organization with diagrams.net: orgtool.py -u visualize-organization-diagrams -f <file.json> -p AWSPROFILE
ℹ️ The tool will generate an organziations.csv file. Follow the guide to import from CSV to draw.io diagrams.

How to use the tool with virtual env:
Creating virtual env:
python3 -m venv orgtool
Activate virtual env:
source orgtool/bin/activate