Optional
values: { Optional
configDir: stringOptional
validateConfig: booleanReadonly
backupA Record of Backup Policy configurations
BackupPolicyConfig
To create backup policy named BackupPolicy from backup-policies/org-backup-policies.json file in config repository, you need to provide following values for this parameter.
backupPolicies:
- name: BackupPolicy
description: Organization Backup Policy
policy: backup-policies/org-backup-policies.json
deploymentTargets:
organizationalUnits:
- Root
Readonly
enableIndicates whether AWS Organization enabled.
Optionally provide a list of Organizational Unit IDs to bypass the usage of the AWS Organizations Client lookup. This is not a readonly member since we will initialize it with values if it is not provided
Readonly
organizationalA Record of Organizational Unit configurations
OrganizationalUnitConfig
To create Security and Infrastructure OU in root , you need to provide following values for this parameter. Nested OU's start at root and configure all of the ou's in the path
organizationalUnits:
- name: Security
- name: Infrastructure
- name: Sandbox
- name: Sandbox/Pipeline
- name: Sandbox/Development
- name: Sandbox/Development/Application1
Readonly
quarantineA record of Quarantine New Accounts configuration
QuarantineNewAccountsConfig
Readonly
serviceA Record of Service Control Policy configurations
ServiceControlPolicyConfig
To create service control policy named DenyDeleteVpcFlowLogs from service-control-policies/deny-delete-vpc-flow-logs.json file in config repository, you need to provide following values for this parameter.
serviceControlPolicies:
- name: DenyDeleteVpcFlowLogs
description: >
This SCP prevents users or roles in any affected account from deleting
Amazon Elastic Compute Cloud (Amazon EC2) flow logs or CloudWatch log
groups or log streams.
policy: service-control-policies/deny-delete-vpc-flow-logs.json
type: customerManaged
deploymentTargets:
organizationalUnits:
- Security
Readonly
taggingA Record of Tagging Policy configurations
TaggingPolicyConfig
To create tagging policy named TagPolicy from tagging-policies/org-tag-policy.json file in config repository, you need to provide following values for this parameter.
taggingPolicies:
- name: TagPolicy
description: Organization Tagging Policy
policy: tagging-policies/org-tag-policy.json
deploymentTargets:
organizationalUnits:
- Root
Static
Readonly
FILENAMEA name for the organization config file in config repository
organization-config.yaml
Private
validateFunction to validate presence of backup policy file existence
Private
validateFunction to validate service control policy file existence
Private
validateFunction to validate tagging policy file existence
Static
loadLoad from config file content
Optional
validateConfig: booleanGenerated using TypeDoc
Organization configuration