Organization configuration

Hierarchy

  • OrganizationConfig

Implements

Constructors

  • Parameters

    • Optional values: {
          backupPolicies: ({ name: string; description: string; policy: string; deploymentTargets: { organizationalUnits: string[] | undefined; accounts: string[] | undefined; excludedRegions: string[] | undefined; excludedAccounts: string[] | undefined; }; })[];
          enable: boolean;
          organizationalUnitIds: undefined | ({ name: string; id: string; arn: string; })[];
          organizationalUnits: ({ name: string; ignore: boolean | undefined; })[];
          serviceControlPolicies: ({ name: string; description: string; policy: string; type: string; strategy: string | undefined; deploymentTargets: { organizationalUnits: string[] | undefined; accounts: string[] | undefined; excludedRegions: string[] | undefined; excludedAccounts: string[] | undefined; }; })[];
          taggingPolicies: ({ name: string; description: string; policy: string; deploymentTargets: { organizationalUnits: string[] | undefined; accounts: string[] | undefined; excludedRegions: string[] | undefined; excludedAccounts: string[] | undefined; }; })[];
      }
      • backupPolicies: ({ name: string; description: string; policy: string; deploymentTargets: { organizationalUnits: string[] | undefined; accounts: string[] | undefined; excludedRegions: string[] | undefined; excludedAccounts: string[] | undefined; }; })[]
      • enable: boolean
      • organizationalUnitIds: undefined | ({ name: string; id: string; arn: string; })[]
      • organizationalUnits: ({ name: string; ignore: boolean | undefined; })[]
      • serviceControlPolicies: ({ name: string; description: string; policy: string; type: string; strategy: string | undefined; deploymentTargets: { organizationalUnits: string[] | undefined; accounts: string[] | undefined; excludedRegions: string[] | undefined; excludedAccounts: string[] | undefined; }; })[]
      • taggingPolicies: ({ name: string; description: string; policy: string; deploymentTargets: { organizationalUnits: string[] | undefined; accounts: string[] | undefined; excludedRegions: string[] | undefined; excludedAccounts: string[] | undefined; }; })[]

    Returns OrganizationConfig

Properties

backupPolicies: BackupPolicyConfig[] = []

A Record of Backup Policy configurations

See

BackupPolicyConfig

To create a backup policy named BackupPolicy from the backup-policies/org-backup-policies.json file in the config repository, provide the following values for this parameter.

Example

backupPolicies:
  - name: BackupPolicy
    description: Organization Backup Policy
    policy: backup-policies/org-backup-policies.json
    deploymentTargets:
      organizationalUnits:
        - Root

enable: true = true

Indicates whether AWS Organizations is enabled.

organizationalUnitIds: undefined | OrganizationalUnitIdConfig[] = undefined

Optionally provide a list of Organizational Unit IDs to bypass the AWS Organizations client lookup. This is not a readonly member, because it is initialized with values if they are not provided.

organizationalUnits: OrganizationalUnitConfig[] = ...

A Record of Organizational Unit configurations

See

OrganizationalUnitConfig

To create the Security and Infrastructure OUs in the root, provide the following values for this parameter. Nested OUs start at the root, and every OU in the path must be configured.

Example

organizationalUnits:
  - name: Security
  - name: Infrastructure
  - name: Sandbox
  - name: Sandbox/Pipeline
  - name: Sandbox/Development
  - name: Sandbox/Development/Application1

quarantineNewAccounts: undefined | QuarantineNewAccountsConfig = undefined

A record of Quarantine New Accounts configuration

See

QuarantineNewAccountsConfig

serviceControlPolicies: ServiceControlPolicyConfig[] = []

A Record of Service Control Policy configurations

See

ServiceControlPolicyConfig

To create a service control policy named DenyDeleteVpcFlowLogs from the service-control-policies/deny-delete-vpc-flow-logs.json file in the config repository, provide the following values for this parameter.

Example

serviceControlPolicies:
  - name: DenyDeleteVpcFlowLogs
    description: >
      This SCP prevents users or roles in any affected account from deleting
      Amazon Elastic Compute Cloud (Amazon EC2) flow logs or CloudWatch log
      groups or log streams.
    policy: service-control-policies/deny-delete-vpc-flow-logs.json
    type: customerManaged
    strategy: deny-list # defines SCP strategy - deny-list or allow-list. See https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_strategies.html
    deploymentTargets:
      organizationalUnits:
        - Security

taggingPolicies: TaggingPolicyConfig[] = []

A Record of Tagging Policy configurations

See

TaggingPolicyConfig

To create a tagging policy named TagPolicy from the tagging-policies/org-tag-policy.json file in the config repository, provide the following values for this parameter.

Example

taggingPolicies:
  - name: TagPolicy
    description: Organization Tagging Policy
    policy: tagging-policies/org-tag-policy.json
    deploymentTargets:
      organizationalUnits:
        - Root

FILENAME: "organization-config.yaml" = 'organization-config.yaml'

The name of the organization config file in the config repository

Default

organization-config.yaml
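
The organizationalUnits and policy properties above interact: nested OUs need every ancestor in their path, and each policy's deploymentTargets names OUs by those same paths. The following pre-commit check over an already-parsed organization-config.yaml is an added example, not code from this project; lintOrganizationConfig, OrgConfigShape and the rule that a target must be Root or a declared OU are assumptions made for illustration.

```typescript
// Added example, not Landing Zone Accelerator code; shapes are a trimmed
// subset of the constructor parameter types listed on this page.
type Policy = { name: string; strategy?: string; deploymentTargets: { organizationalUnits?: string[] } };
interface OrgConfigShape {
  organizationalUnits: { name: string }[];
  backupPolicies: Policy[];
  serviceControlPolicies: Policy[];
  taggingPolicies: Policy[];
}

// Hypothetical helper: returns one finding per problem, empty when clean.
function lintOrganizationConfig(cfg: OrgConfigShape): string[] {
  const findings: string[] = [];
  const declared = cfg.organizationalUnits.map((ou) => ou.name);
  const isDeclared = (name: string) => declared.indexOf(name) !== -1;
  // Nested OUs start at root: every ancestor in the path must be listed.
  for (const name of declared) {
    const parts = name.split("/");
    for (let i = 1; i < parts.length; i++) {
      const ancestor = parts.slice(0, i).join("/");
      if (!isDeclared(ancestor)) findings.push(`OU ${name}: ancestor ${ancestor} is not declared`);
    }
  }
  const groups: [string, Policy[]][] = [
    ["backupPolicies", cfg.backupPolicies],
    ["serviceControlPolicies", cfg.serviceControlPolicies],
    ["taggingPolicies", cfg.taggingPolicies],
  ];
  for (const [kind, policies] of groups) {
    for (const p of policies) {
      // Assumption: a target must be Root or an OU declared above.
      for (const ou of p.deploymentTargets.organizationalUnits ?? []) {
        if (ou !== "Root" && !isDeclared(ou)) findings.push(`${kind} ${p.name}: target OU ${ou} is not declared`);
      }
      // The page documents two SCP strategies: deny-list and allow-list.
      const s = p.strategy;
      if (s !== undefined && s !== "deny-list" && s !== "allow-list") findings.push(`${kind} ${p.name}: unknown strategy ${s}`);
    }
  }
  return findings;
}

// Constructed sample: Sandbox/Development is missing and Workloads is undeclared.
const sampleConfig: OrgConfigShape = {
  organizationalUnits: [{ name: "Security" }, { name: "Sandbox" }, { name: "Sandbox/Development/Application1" }],
  backupPolicies: [{ name: "BackupPolicy", deploymentTargets: { organizationalUnits: ["Root"] } }],
  serviceControlPolicies: [{ name: "DenyDeleteVpcFlowLogs", strategy: "deny-list", deploymentTargets: { organizationalUnits: ["Security"] } }],
  taggingPolicies: [{ name: "TagPolicy", deploymentTargets: { organizationalUnits: ["Workloads"] } }],
};
console.log(lintOrganizationConfig(sampleConfig));
```

A finding on a serviceControlPolicies entry deserves the closest review, since a guardrail such as DenyDeleteVpcFlowLogs only protects the OUs its deploymentTargets actually resolve to.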

Methods

  • Returns undefined | string

  • Parameters

    • name: string

    Returns string

  • Parameters

    • name: string

    Returns string

  • Parameters

    • name: string

    Returns string

  • Parameters

    • name: string

    Returns string

  • Parameters

    • name: string

    Returns string

  • Parameters

    • name: string

    Returns boolean

  • Load from string content

    Parameters

    • partition: string

    Returns Promise<void>

  • Load from buffer

    Returns

    Parameters

    Returns string

  • Loads the raw file with default replacement placeholders to determine whether AWS Organizations is enabled.

    Parameters

    • dir: string

    Returns OrganizationConfig
