[![GitHub](https://img.shields.io/github/license/pepperize/cdk-organizations?style=flat-square)](https://github.com/pepperize/cdk-organizations/blob/main/LICENSE)
[![npm (scoped)](https://img.shields.io/npm/v/@pepperize/cdk-organizations?style=flat-square)](https://www.npmjs.com/package/@pepperize/cdk-organizations)
[![PyPI](https://img.shields.io/pypi/v/pepperize.cdk-organizations?style=flat-square)](https://pypi.org/project/pepperize.cdk-organizations/)
[![Nuget](https://img.shields.io/nuget/v/Pepperize.CDK.Organizations?style=flat-square)](https://www.nuget.org/packages/Pepperize.CDK.Organizations/)
[![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/pepperize/cdk-organizations/release/main?label=release&style=flat-square)](https://github.com/pepperize/cdk-organizations/actions/workflows/release.yml)
[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/pepperize/cdk-organizations?sort=semver&style=flat-square)](https://github.com/pepperize/cdk-organizations/releases)
[![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod&style=flat-square)](https://gitpod.io/#https://github.com/pepperize/cdk-organizations)
# CDK Organizations
Manage AWS organizations, organizational units (OU), accounts and service control policies (SCP).
Motivation:
> Currently, there is no `aws-cdk-lib/organizations` available. See this [Issue on AWS CDK](https://github.com/aws/aws-cdk/issues/2877).
## References
* [CDK Organizations API Reference](https://github.com/pepperize/cdk-organizations/blob/main/API.md)
* [AWS Account Management Reference Guide](https://docs.aws.amazon.com/accounts/latest/reference/accounts-welcome.html)
* [AWS Organizations User Guide](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html)
* [AWS API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/Welcome.html)
* [AWS CDK Custom Resources](https://docs.aws.amazon.com/cdk/api/v1/docs/custom-resources-readme.html#custom-resources-for-aws-apis)
## Install
### TypeScript
```shell
npm install @pepperize/cdk-organizations
```
or
```shell
yarn add @pepperize/cdk-organizations
```
### Python
```shell
pip install pepperize.cdk-organizations
```
### C# / .Net
```
dotnet add package Pepperize.CDK.Organizations
```
## Getting Started
1. Create a new account
[Signup for AWS](https://portal.aws.amazon.com/billing/signup#/start)
2. Prepare an IAM User with `AdministratorAccess`
To deploy your new organization, you have to create an Administrator with an Access Key
* [Creating your first IAM admin user and user group](https://docs.aws.amazon.com/IAM/latest/UserGuide/getting-started_create-admin-group.html)
* [Managing access keys for IAM users](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html#Using_CreateAccessKey)
3. Create a new CDK TypeScript App project with [projen](https://github.com/projen/projen)
```shell
mkdir my-project
cd my-project
git init -b main
npx projen new awscdk-app-ts
```
4. Add `@pepperize/cdk-organizations` to your dependencies in `.projenrc.js`
```python
const project = new awscdk.AwsCdkTypeScriptApp({
//...
deps: ["@pepperize/cdk-organizations"],
});
```
5. Install the dependency
```shell
npx projen
```
6. Create a stack
```python
import { Account, Organization, OrganizationalUnit } from "@pepperize/cdk-organizations";
import { Stack } from "aws-cdk-lib";
export class OrganizationStack extends Stack {
constructor(scope: Construct, id: string, props: StackProps = {}) {
super(scope, id, { ...props, env: { ...props.env, region: "us-east-1" } }); // AWS Organizations API is only available in region us-east-1
// Create your organization
const organization = new Organization(stack, "Organization", {});
// Create an organizational unit (OU)
const organizationUnit = new OrganizationalUnit(stack, "OrganizationalUnit", {
organizationalUnitName: "MyFirstOU",
parent: organization.root,
});
// Create an account
const account = new Account(stack, "Account", {
accountName: "MyFirstAccount",
email: "<your email for the member account>",
parent: organizationUnit,
});
}
}
```
7. Configure your AWS CLI to deploy
* [Configuring the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html)
* [AWSume](https://awsu.me/)
The easiest is to export your access key
```shell
export AWS_ACCESS_KEY_ID=<your created access key id>
export AWS_SECRET_ACCESS_KEY=<your created secret access key>
```
8. Deploy your first AWS organization
```shell
export CDK_DEFAULT_REGION=us-east-1
export CDK_DEFAULT_ACCOUNT=<your AWS account id>
```
```shell
yarn deploy
```
## Usage
### Organization
To create a new organization or import an existing organization, add the following construct to your stack:
```python
const organization = new Organization(stack, "Organization", {
featureSet: FeatureSet.ALL, // (default) required later on to enable SCPs, enable AWS services or delegate an adminsitrator account
});
organization.root; // The organization's root is automatically created
```
* `FeatureSet.ALL` is required for advanced features like Service Control Policies (SCP) and is the [preferred way to work with AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
* The account which deploys the stack, will automatically become the management account of the new organization.
* If an organization already exists, it will be imported automatically. You can disable this behaviour by passing `importOnDuplicate: false` in the props.
* If the construct is removed from the stack, the organization will remain and must be deleted manually. For deletion of an organization you must previously remove all the member accounts, OUs, and policies from the organization. [Deleting the organization by removing the management account](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_delete.html)
* An organization root is automatically created for you when you create the new organization.
See [IOrganization](https://github.com/pepperize/cdk-organizations/blob/main/API.md#@pepperize/cdk-organizations.IOrganization)
### Organizational Unit (OU)
To create a new organizational unit (OU), add the following construct to your stack:
```python
const organizationUnit = new OrganizationalUnit(stack, "Organization", {
organizationalUnitName: "Project2",
parent: organization.root,
});
```
* The parent of an organizational unit (OU) can be either the organization's root or another OU within the organization.
* An organizational unit (OU) can't be moved. You have to create a new OU first, move all the accounts and then delete the old OU.
* For deletion of an organizational unit (OU) you must first move all accounts out of the OU and any child OUs, and then you can delete the child OUs. [Deleting an organizational unit](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_ous.html#delete-ou)
See [IOrganizationalUnit](https://github.com/pepperize/cdk-organizations/blob/main/API.md#@pepperize/cdk-organizations.IOrganizationalUnit)
#### Organizational Unit (OU) Properties
* `importOnDuplicate` If an organizational unit (OU) with the name exists in the parent, it will be imported.
* `removalPolicy` Default `RemovalPolicy.Retain` If you set `removalPolicy` to `RemovalPolicy.destroy`, the organizational unit (OU) will be deleted on Cloudformation delete event.
See [OrganizationalUnitProps](https://github.com/pepperize/cdk-organizations/blob/main/API.md#@pepperize/cdk-organizations.OrganizationalUnitProps)
### Account
To create a new account, add the following construct to your stack:
```python
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
共16个文件
txt:4个
py:3个
pkg-info:2个
资源分类:Python库 所属语言:Python 资源全名:pepperize.cdk-organizations-0.0.218.tar.gz 资源来源:官方 安装方法:https://lanzao.blog.csdn.net/article/details/101784059
资源推荐
资源详情
资源评论
收起资源包目录
pepperize.cdk-organizations-0.0.218.tar.gz (16个子文件)
pepperize.cdk-organizations-0.0.218
MANIFEST.in 23B
PKG-INFO 19KB
pyproject.toml 106B
LICENSE 1KB
src
pepperize.cdk_organizations.egg-info
PKG-INFO 19KB
requires.txt 92B
SOURCES.txt 535B
top_level.txt 28B
dependency_links.txt 1B
pepperize_cdk_organizations
setup.cfg 38B
setup.py 2KB
README.md 19KB
共 16 条
- 1
资源评论
挣扎的蓝藻
- 粉丝: 13w+
- 资源: 15万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功