Organization configuration

Hierarchy

  • OrganizationConfig

Implements

Constructors

Properties

backupPolicies: BackupPolicyConfig[] = []

A Record of Backup Policy configurations

See

BackupPolicyConfig

To create backup policy named BackupPolicy from backup-policies/org-backup-policies.json file in config repository, you need to provide following values for this parameter.

Example

backupPolicies:
- name: BackupPolicy
description: Organization Backup Policy
policy: backup-policies/org-backup-policies.json
deploymentTargets:
organizationalUnits:
- Root
enable: true = true

Indicates whether AWS Organization enabled.

organizationalUnitIds: undefined | OrganizationalUnitIdConfig[] = undefined

Optionally provide a list of Organizational Unit IDs to bypass the usage of the AWS Organizations Client lookup. This is not a readonly member since we will initialize it with values if it is not provided

organizationalUnits: OrganizationalUnitConfig[] = ...

A Record of Organizational Unit configurations

See

OrganizationalUnitConfig

To create Security and Infrastructure OU in root , you need to provide following values for this parameter. Nested OU's start at root and configure all of the ou's in the path

Example

organizationalUnits:
- name: Security
- name: Infrastructure
- name: Sandbox
- name: Sandbox/Pipeline
- name: Sandbox/Development
- name: Sandbox/Development/Application1
quarantineNewAccounts: undefined | QuarantineNewAccountsConfig = undefined

A record of Quarantine New Accounts configuration

See

QuarantineNewAccountsConfig

serviceControlPolicies: ServiceControlPolicyConfig[] = []

A Record of Service Control Policy configurations

See

ServiceControlPolicyConfig

To create service control policy named DenyDeleteVpcFlowLogs from service-control-policies/deny-delete-vpc-flow-logs.json file in config repository, you need to provide following values for this parameter.

Example

serviceControlPolicies:
- name: DenyDeleteVpcFlowLogs
description: >
This SCP prevents users or roles in any affected account from deleting
Amazon Elastic Compute Cloud (Amazon EC2) flow logs or CloudWatch log
groups or log streams.
policy: service-control-policies/deny-delete-vpc-flow-logs.json
type: customerManaged
strategy: deny-list # defines SCP strategy - deny-list or allow-list. See https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_strategies.html
deploymentTargets:
organizationalUnits:
- Security
taggingPolicies: TaggingPolicyConfig[] = []

A Record of Tagging Policy configurations

See

TaggingPolicyConfig

To create tagging policy named TagPolicy from tagging-policies/org-tag-policy.json file in config repository, you need to provide following values for this parameter.

Example

taggingPolicies:
- name: TagPolicy
description: Organization Tagging Policy
policy: tagging-policies/org-tag-policy.json
deploymentTargets:
organizationalUnits:
- Root
FILENAME: "organization-config.yaml" = 'organization-config.yaml'

A name for the organization config file in config repository

Default

organization-config.yaml

Methods

  • Returns undefined | string

  • Parameters

    • name: string

    Returns string

  • Parameters

    • name: string

    Returns string

  • Parameters

    • name: string

    Returns string

  • Parameters

    • name: string

    Returns string

  • Parameters

    • name: string

    Returns string

  • Parameters

    • name: string

    Returns boolean

  • Load from string content

    Parameters

    • partition: string

    Returns Promise<void>

  • Load from buffer

    Returns

    Parameters

    Returns string

  • Loads the file raw with default replacements placeholders to determine if organizations is enabled.

    Parameters

    • dir: string

    Returns OrganizationConfig

Generated using TypeDoc