UNPKG

@pepperize/cdk-organizations

Version:

Manage AWS organizations, organizational units (OU), accounts and service control policies (SCP).

github.com/pepperize/cdk-organizations

pepperize/cdk-organizations

49 lines 7.52 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
"use strict"; var _a; Object.defineProperty(exports, "__esModule", { value: true }); exports.EnableAwsServiceAccess = void 0; const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti"); const custom_resources_1 = require("aws-cdk-lib/custom-resources"); const constructs_1 = require("constructs"); /** * Enables the integration of an AWS service (the service that is specified by ServicePrincipal) with AWS Organizations. When you enable integration, you allow the specified service to create a service-linked role in all the accounts in your organization. This allows the service to perform operations on your behalf in your organization and its accounts. * * <strong>This operation can be called only from the organization's management account and only if the organization has enabled all features.</strong> * * @see https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html#orgs_trusted_access_perms */ class EnableAwsServiceAccess extends constructs_1.Construct { constructor(scope, id, props) { super(scope, id); const { servicePrincipal } = props; const organizationsRegion = process.env.CDK_AWS_PARTITION === "aws-cn" ? "cn-northwest-1" : "us-east-1"; new custom_resources_1.AwsCustomResource(this, "EnableAwsServiceAccessCustomResource", { resourceType: "Custom::Organizations_EnableAwsServiceAccess", onCreate: { service: "Organizations", action: "enableAWSServiceAccess", // https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Organizations.html#enableAWSServiceAccess-property region: organizationsRegion, physicalResourceId: custom_resources_1.PhysicalResourceId.of(`${servicePrincipal}`), parameters: { ServicePrincipal: servicePrincipal, }, }, onDelete: { service: "Organizations", action: "disableAWSServiceAccess", // https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Organizations.html#disableAWSServiceAccess-property region: organizationsRegion, parameters: { ServicePrincipal: servicePrincipal, }, }, installLatestAwsSdk: false, policy: custom_resources_1.AwsCustomResourcePolicy.fromSdkCalls({ resources: custom_resources_1.AwsCustomResourcePolicy.ANY_RESOURCE, }), }); } } exports.EnableAwsServiceAccess = EnableAwsServiceAccess; _a = JSII_RTTI_SYMBOL_1; EnableAwsServiceAccess[_a] = { fqn: "@pepperize/cdk-organizations.EnableAwsServiceAccess", version: "0.7.988" }; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW5hYmxlLWF3cy1zZXJ2aWNlLWFjY2Vzcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9lbmFibGUtYXdzLXNlcnZpY2UtYWNjZXNzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsbUVBQThHO0FBQzlHLDJDQUF1QztBQVN2Qzs7Ozs7O0dBTUc7QUFDSCxNQUFhLHNCQUF1QixTQUFRLHNCQUFTO0lBQ25ELFlBQW1CLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQWtDO1FBQ2pGLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsTUFBTSxFQUFFLGdCQUFnQixFQUFFLEdBQUcsS0FBSyxDQUFDO1FBQ25DLE1BQU0sbUJBQW1CLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxpQkFBaUIsS0FBSyxRQUFRLENBQUMsQ0FBQyxDQUFDLGdCQUFnQixDQUFDLENBQUMsQ0FBQyxXQUFXLENBQUM7UUFFeEcsSUFBSSxvQ0FBaUIsQ0FBQyxJQUFJLEVBQUUsc0NBQXNDLEVBQUU7WUFDbEUsWUFBWSxFQUFFLDhDQUE4QztZQUM1RCxRQUFRLEVBQUU7Z0JBQ1IsT0FBTyxFQUFFLGVBQWU7Z0JBQ3hCLE1BQU0sRUFBRSx3QkFBd0IsRUFBRSw2R0FBNkc7Z0JBQy9JLE1BQU0sRUFBRSxtQkFBbUI7Z0JBQzNCLGtCQUFrQixFQUFFLHFDQUFrQixDQUFDLEVBQUUsQ0FBQyxHQUFHLGdCQUFnQixFQUFFLENBQUM7Z0JBQ2hFLFVBQVUsRUFBRTtvQkFDVixnQkFBZ0IsRUFBRSxnQkFBZ0I7aUJBQ25DO2FBQ0Y7WUFDRCxRQUFRLEVBQUU7Z0JBQ1IsT0FBTyxFQUFFLGVBQWU7Z0JBQ3hCLE1BQU0sRUFBRSx5QkFBeUIsRUFBRSw4R0FBOEc7Z0JBQ2pKLE1BQU0sRUFBRSxtQkFBbUI7Z0JBQzNCLFVBQVUsRUFBRTtvQkFDVixnQkFBZ0IsRUFBRSxnQkFBZ0I7aUJBQ25DO2FBQ0Y7WUFDRCxtQkFBbUIsRUFBRSxLQUFLO1lBQzFCLE1BQU0sRUFBRSwwQ0FBdUIsQ0FBQyxZQUFZLENBQUM7Z0JBQzNDLFNBQVMsRUFBRSwwQ0FBdUIsQ0FBQyxZQUFZO2FBQ2hELENBQUM7U0FDSCxDQUFDLENBQUM7SUFDTCxDQUFDOztBQS9CSCx3REFnQ0MiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBBd3NDdXN0b21SZXNvdXJjZSwgQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3ksIFBoeXNpY2FsUmVzb3VyY2VJZCB9IGZyb20gXCJhd3MtY2RrLWxpYi9jdXN0b20tcmVzb3VyY2VzXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuXG5leHBvcnQgaW50ZXJmYWNlIEVuYWJsZUF3c1NlcnZpY2VBY2Nlc3NQcm9wcyB7XG4gIC8qKlxuICAgKiBUaGUgc2VydmljZSBwcmluY2lwYWwgbmFtZSBvZiB0aGUgQVdTIHNlcnZpY2UgZm9yIHdoaWNoIHlvdSB3YW50IHRvIGVuYWJsZSBpbnRlZ3JhdGlvbiB3aXRoIHlvdXIgb3JnYW5pemF0aW9uLiBUaGlzIGlzIHR5cGljYWxseSBpbiB0aGUgZm9ybSBvZiBhIFVSTCwgc3VjaCBhcyBzZXJ2aWNlLWFiYnJldmlhdGlvbi5hbWF6b25hd3MuY29tLlxuICAgKi9cbiAgcmVhZG9ubHkgc2VydmljZVByaW5jaXBhbDogc3RyaW5nO1xufVxuXG4vKipcbiAqIEVuYWJsZXMgdGhlIGludGVncmF0aW9uIG9mIGFuIEFXUyBzZXJ2aWNlICh0aGUgc2VydmljZSB0aGF0IGlzIHNwZWNpZmllZCBieSBTZXJ2aWNlUHJpbmNpcGFsKSB3aXRoIEFXUyBPcmdhbml6YXRpb25zLiBXaGVuIHlvdSBlbmFibGUgaW50ZWdyYXRpb24sIHlvdSBhbGxvdyB0aGUgc3BlY2lmaWVkIHNlcnZpY2UgdG8gY3JlYXRlIGEgc2VydmljZS1saW5rZWQgcm9sZSBpbiBhbGwgdGhlIGFjY291bnRzIGluIHlvdXIgb3JnYW5pemF0aW9uLiBUaGlzIGFsbG93cyB0aGUgc2VydmljZSB0byBwZXJmb3JtIG9wZXJhdGlvbnMgb24geW91ciBiZWhhbGYgaW4geW91ciBvcmdhbml6YXRpb24gYW5kIGl0cyBhY2NvdW50cy5cbiAqXG4gKiA8c3Ryb25nPlRoaXMgb3BlcmF0aW9uIGNhbiBiZSBjYWxsZWQgb25seSBmcm9tIHRoZSBvcmdhbml6YXRpb24ncyBtYW5hZ2VtZW50IGFjY291bnQgYW5kIG9ubHkgaWYgdGhlIG9yZ2FuaXphdGlvbiBoYXMgZW5hYmxlZCBhbGwgZmVhdHVyZXMuPC9zdHJvbmc+XG4gKlxuICogQHNlZSBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vb3JnYW5pemF0aW9ucy9sYXRlc3QvdXNlcmd1aWRlL29yZ3NfaW50ZWdyYXRlX3NlcnZpY2VzLmh0bWwjb3Jnc190cnVzdGVkX2FjY2Vzc19wZXJtc1xuICovXG5leHBvcnQgY2xhc3MgRW5hYmxlQXdzU2VydmljZUFjY2VzcyBleHRlbmRzIENvbnN0cnVjdCB7XG4gIHB1YmxpYyBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogRW5hYmxlQXdzU2VydmljZUFjY2Vzc1Byb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIGNvbnN0IHsgc2VydmljZVByaW5jaXBhbCB9ID0gcHJvcHM7XG4gICAgY29uc3Qgb3JnYW5pemF0aW9uc1JlZ2lvbiA9IHByb2Nlc3MuZW52LkNES19BV1NfUEFSVElUSU9OID09PSBcImF3cy1jblwiID8gXCJjbi1ub3J0aHdlc3QtMVwiIDogXCJ1cy1lYXN0LTFcIjtcblxuICAgIG5ldyBBd3NDdXN0b21SZXNvdXJjZSh0aGlzLCBcIkVuYWJsZUF3c1NlcnZpY2VBY2Nlc3NDdXN0b21SZXNvdXJjZVwiLCB7XG4gICAgICByZXNvdXJjZVR5cGU6IFwiQ3VzdG9tOjpPcmdhbml6YXRpb25zX0VuYWJsZUF3c1NlcnZpY2VBY2Nlc3NcIixcbiAgICAgIG9uQ3JlYXRlOiB7XG4gICAgICAgIHNlcnZpY2U6IFwiT3JnYW5pemF0aW9uc1wiLFxuICAgICAgICBhY3Rpb246IFwiZW5hYmxlQVdTU2VydmljZUFjY2Vzc1wiLCAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy9sYXRlc3QvQVdTL09yZ2FuaXphdGlvbnMuaHRtbCNlbmFibGVBV1NTZXJ2aWNlQWNjZXNzLXByb3BlcnR5XG4gICAgICAgIHJlZ2lvbjogb3JnYW5pemF0aW9uc1JlZ2lvbixcbiAgICAgICAgcGh5c2ljYWxSZXNvdXJjZUlkOiBQaHlzaWNhbFJlc291cmNlSWQub2YoYCR7c2VydmljZVByaW5jaXBhbH1gKSxcbiAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgIFNlcnZpY2VQcmluY2lwYWw6IHNlcnZpY2VQcmluY2lwYWwsXG4gICAgICAgIH0sXG4gICAgICB9LFxuICAgICAgb25EZWxldGU6IHtcbiAgICAgICAgc2VydmljZTogXCJPcmdhbml6YXRpb25zXCIsXG4gICAgICAgIGFjdGlvbjogXCJkaXNhYmxlQVdTU2VydmljZUFjY2Vzc1wiLCAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy9sYXRlc3QvQVdTL09yZ2FuaXphdGlvbnMuaHRtbCNkaXNhYmxlQVdTU2VydmljZUFjY2Vzcy1wcm9wZXJ0eVxuICAgICAgICByZWdpb246IG9yZ2FuaXphdGlvbnNSZWdpb24sXG4gICAgICAgIHBhcmFtZXRlcnM6IHtcbiAgICAgICAgICBTZXJ2aWNlUHJpbmNpcGFsOiBzZXJ2aWNlUHJpbmNpcGFsLFxuICAgICAgICB9LFxuICAgICAgfSxcbiAgICAgIGluc3RhbGxMYXRlc3RBd3NTZGs6IGZhbHNlLFxuICAgICAgcG9saWN5OiBBd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU2RrQ2FsbHMoe1xuICAgICAgICByZXNvdXJjZXM6IEF3c0N1c3RvbVJlc291cmNlUG9saWN5LkFOWV9SRVNPVVJDRSxcbiAgICAgIH0pLFxuICAgIH0pO1xuICB9XG59XG4iXX0=