aws-deployment-framework icon indicating copy to clipboard operation
aws-deployment-framework copied to clipboard

Published 20 hours ago verified publisher icon awslabs

Feature createorganizationalunit

Open ethanBaird opened this issue 11 months ago • 3 comments

Why?

In our existing Account Creation workflow, we are required to create new organizational units via the Organizations console in our master account. This requires us to sign in to our master account with heightened priveleges for every new account (that has a new path)

We run a multi account strategy so this happens reasonably often.

We'd prefer for this to be automated. This change will programmatically create any new Organizational Units if a new path is defined in the adf-accounts configuration.

Response to Issue: (https://github.com/awslabs/aws-deployment-framework/issues/263)

What?

Description of changes:

  • Updated permissions on adf-codebuild-role in master account
  • Added a new method Organizations.create_ou()
  • Refactored existing method Organizations.get_ou_id()
    • refactor while loop to for loop
    • refactor logic in for/else to create OU if not found as defined by the path
  • stubbed tests for both methods

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

ethanBaird avatar Mar 14 '24 12:03 ethanBaird