UNPKG

@pepperize/cdk-organizations

Version:

Manage AWS organizations, organizational units (OU), accounts and service control policies (SCP).

github.com/pepperize/cdk-organizations

pepperize/cdk-organizations

48 lines 7.28 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
"use strict"; var _a; Object.defineProperty(exports, "__esModule", { value: true }); exports.PolicyAttachment = void 0; const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti"); const custom_resources_1 = require("aws-cdk-lib/custom-resources"); const constructs_1 = require("constructs"); /** * Attaches a policy to a root, an organizational unit (OU), or an individual account. How the policy affects accounts depends on the type of policy. Refer to the AWS Organizations User Guide for information about each policy type: */ class PolicyAttachment extends constructs_1.Construct { constructor(scope, id, props) { super(scope, id); const { target, policy } = props; const organizationsRegion = process.env.CDK_AWS_PARTITION === "aws-cn" ? "cn-northwest-1" : "us-east-1"; new custom_resources_1.AwsCustomResource(this, "CustomResource", { resourceType: "Custom::Organizations_PolicyAttachment", onCreate: { service: "Organizations", action: "attachPolicy", // https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Organizations.html#attachPolicy-property region: organizationsRegion, parameters: { PolicyId: policy.policyId, TargetId: target.identifier(), }, physicalResourceId: custom_resources_1.PhysicalResourceId.of(`${policy.policyId}:${target.identifier()}`), }, onDelete: { service: "Organizations", action: "detachPolicy", // https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Organizations.html#detachPolicy-property region: organizationsRegion, parameters: { PolicyId: policy.policyId, TargetId: target.identifier(), }, physicalResourceId: custom_resources_1.PhysicalResourceId.of(`${policy.policyId}:${target.identifier()}`), }, installLatestAwsSdk: false, policy: custom_resources_1.AwsCustomResourcePolicy.fromSdkCalls({ resources: custom_resources_1.AwsCustomResourcePolicy.ANY_RESOURCE, }), }); } } exports.PolicyAttachment = PolicyAttachment; _a = JSII_RTTI_SYMBOL_1; PolicyAttachment[_a] = { fqn: "@pepperize/cdk-organizations.PolicyAttachment", version: "0.7.988" }; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicG9saWN5LWF0dGFjaG1lbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvcG9saWN5LWF0dGFjaG1lbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSxtRUFBOEc7QUFDOUcsMkNBQW9EO0FBaUJwRDs7R0FFRztBQUNILE1BQWEsZ0JBQWlCLFNBQVEsc0JBQVM7SUFDN0MsWUFBbUIsS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBNEI7UUFDM0UsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixNQUFNLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxHQUFHLEtBQUssQ0FBQztRQUNqQyxNQUFNLG1CQUFtQixHQUFHLE9BQU8sQ0FBQyxHQUFHLENBQUMsaUJBQWlCLEtBQUssUUFBUSxDQUFDLENBQUMsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLENBQUMsV0FBVyxDQUFDO1FBRXhHLElBQUksb0NBQWlCLENBQUMsSUFBSSxFQUFFLGdCQUFnQixFQUFFO1lBQzVDLFlBQVksRUFBRSx3Q0FBd0M7WUFDdEQsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxlQUFlO2dCQUN4QixNQUFNLEVBQUUsY0FBYyxFQUFFLG1HQUFtRztnQkFDM0gsTUFBTSxFQUFFLG1CQUFtQjtnQkFDM0IsVUFBVSxFQUFFO29CQUNWLFFBQVEsRUFBRSxNQUFNLENBQUMsUUFBUTtvQkFDekIsUUFBUSxFQUFFLE1BQU0sQ0FBQyxVQUFVLEVBQUU7aUJBQzlCO2dCQUNELGtCQUFrQixFQUFFLHFDQUFrQixDQUFDLEVBQUUsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxRQUFRLElBQUksTUFBTSxDQUFDLFVBQVUsRUFBRSxFQUFFLENBQUM7YUFDdkY7WUFDRCxRQUFRLEVBQUU7Z0JBQ1IsT0FBTyxFQUFFLGVBQWU7Z0JBQ3hCLE1BQU0sRUFBRSxjQUFjLEVBQUUsbUdBQW1HO2dCQUMzSCxNQUFNLEVBQUUsbUJBQW1CO2dCQUMzQixVQUFVLEVBQUU7b0JBQ1YsUUFBUSxFQUFFLE1BQU0sQ0FBQyxRQUFRO29CQUN6QixRQUFRLEVBQUUsTUFBTSxDQUFDLFVBQVUsRUFBRTtpQkFDOUI7Z0JBQ0Qsa0JBQWtCLEVBQUUscUNBQWtCLENBQUMsRUFBRSxDQUFDLEdBQUcsTUFBTSxDQUFDLFFBQVEsSUFBSSxNQUFNLENBQUMsVUFBVSxFQUFFLEVBQUUsQ0FBQzthQUN2RjtZQUNELG1CQUFtQixFQUFFLEtBQUs7WUFDMUIsTUFBTSxFQUFFLDBDQUF1QixDQUFDLFlBQVksQ0FBQztnQkFDM0MsU0FBUyxFQUFFLDBDQUF1QixDQUFDLFlBQVk7YUFDaEQsQ0FBQztTQUNILENBQUMsQ0FBQztJQUNMLENBQUM7O0FBbENILDRDQW1DQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEF3c0N1c3RvbVJlc291cmNlLCBBd3NDdXN0b21SZXNvdXJjZVBvbGljeSwgUGh5c2ljYWxSZXNvdXJjZUlkIH0gZnJvbSBcImF3cy1jZGstbGliL2N1c3RvbS1yZXNvdXJjZXNcIjtcbmltcG9ydCB7IENvbnN0cnVjdCwgSURlcGVuZGFibGUgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgSVBvbGljeSB9IGZyb20gXCIuL3BvbGljeVwiO1xuaW1wb3J0IHsgSVJlc291cmNlIH0gZnJvbSBcIi4vcmVzb3VyY2VcIjtcblxuZXhwb3J0IGludGVyZmFjZSBJUG9saWN5QXR0YWNobWVudFRhcmdldCBleHRlbmRzIElEZXBlbmRhYmxlLCBJUmVzb3VyY2Uge31cblxuZXhwb3J0IGludGVyZmFjZSBQb2xpY3lBdHRhY2htZW50UHJvcHMge1xuICAvKipcbiAgICogVGhlIHJvb3QsIE9VLCBvciBhY2NvdW50IHRoYXQgeW91IHdhbnQgdG8gYXR0YWNoIHRoZSBwb2xpY3kgdG8uXG4gICAqL1xuICByZWFkb25seSB0YXJnZXQ6IElQb2xpY3lBdHRhY2htZW50VGFyZ2V0O1xuICAvKipcbiAgICogVGhlIHBvbGljeSB0aGF0IHlvdSB3YW50IHRvIGF0dGFjaCB0byB0aGUgdGFyZ2V0LlxuICAgKi9cbiAgcmVhZG9ubHkgcG9saWN5OiBJUG9saWN5O1xufVxuXG4vKipcbiAqIEF0dGFjaGVzIGEgcG9saWN5IHRvIGEgcm9vdCwgYW4gb3JnYW5pemF0aW9uYWwgdW5pdCAoT1UpLCBvciBhbiBpbmRpdmlkdWFsIGFjY291bnQuIEhvdyB0aGUgcG9saWN5IGFmZmVjdHMgYWNjb3VudHMgZGVwZW5kcyBvbiB0aGUgdHlwZSBvZiBwb2xpY3kuIFJlZmVyIHRvIHRoZSBBV1MgT3JnYW5pemF0aW9ucyBVc2VyIEd1aWRlIGZvciBpbmZvcm1hdGlvbiBhYm91dCBlYWNoIHBvbGljeSB0eXBlOlxuICovXG5leHBvcnQgY2xhc3MgUG9saWN5QXR0YWNobWVudCBleHRlbmRzIENvbnN0cnVjdCB7XG4gIHB1YmxpYyBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogUG9saWN5QXR0YWNobWVudFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIGNvbnN0IHsgdGFyZ2V0LCBwb2xpY3kgfSA9IHByb3BzO1xuICAgIGNvbnN0IG9yZ2FuaXphdGlvbnNSZWdpb24gPSBwcm9jZXNzLmVudi5DREtfQVdTX1BBUlRJVElPTiA9PT0gXCJhd3MtY25cIiA/IFwiY24tbm9ydGh3ZXN0LTFcIiA6IFwidXMtZWFzdC0xXCI7XG5cbiAgICBuZXcgQXdzQ3VzdG9tUmVzb3VyY2UodGhpcywgXCJDdXN0b21SZXNvdXJjZVwiLCB7XG4gICAgICByZXNvdXJjZVR5cGU6IFwiQ3VzdG9tOjpPcmdhbml6YXRpb25zX1BvbGljeUF0dGFjaG1lbnRcIixcbiAgICAgIG9uQ3JlYXRlOiB7XG4gICAgICAgIHNlcnZpY2U6IFwiT3JnYW5pemF0aW9uc1wiLFxuICAgICAgICBhY3Rpb246IFwiYXR0YWNoUG9saWN5XCIsIC8vIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BV1NKYXZhU2NyaXB0U0RLL2xhdGVzdC9BV1MvT3JnYW5pemF0aW9ucy5odG1sI2F0dGFjaFBvbGljeS1wcm9wZXJ0eVxuICAgICAgICByZWdpb246IG9yZ2FuaXphdGlvbnNSZWdpb24sXG4gICAgICAgIHBhcmFtZXRlcnM6IHtcbiAgICAgICAgICBQb2xpY3lJZDogcG9saWN5LnBvbGljeUlkLFxuICAgICAgICAgIFRhcmdldElkOiB0YXJnZXQuaWRlbnRpZmllcigpLFxuICAgICAgICB9LFxuICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQ6IFBoeXNpY2FsUmVzb3VyY2VJZC5vZihgJHtwb2xpY3kucG9saWN5SWR9OiR7dGFyZ2V0LmlkZW50aWZpZXIoKX1gKSxcbiAgICAgIH0sXG4gICAgICBvbkRlbGV0ZToge1xuICAgICAgICBzZXJ2aWNlOiBcIk9yZ2FuaXphdGlvbnNcIixcbiAgICAgICAgYWN0aW9uOiBcImRldGFjaFBvbGljeVwiLCAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy9sYXRlc3QvQVdTL09yZ2FuaXphdGlvbnMuaHRtbCNkZXRhY2hQb2xpY3ktcHJvcGVydHlcbiAgICAgICAgcmVnaW9uOiBvcmdhbml6YXRpb25zUmVnaW9uLFxuICAgICAgICBwYXJhbWV0ZXJzOiB7XG4gICAgICAgICAgUG9saWN5SWQ6IHBvbGljeS5wb2xpY3lJZCxcbiAgICAgICAgICBUYXJnZXRJZDogdGFyZ2V0LmlkZW50aWZpZXIoKSxcbiAgICAgICAgfSxcbiAgICAgICAgcGh5c2ljYWxSZXNvdXJjZUlkOiBQaHlzaWNhbFJlc291cmNlSWQub2YoYCR7cG9saWN5LnBvbGljeUlkfToke3RhcmdldC5pZGVudGlmaWVyKCl9YCksXG4gICAgICB9LFxuICAgICAgaW5zdGFsbExhdGVzdEF3c1NkazogZmFsc2UsXG4gICAgICBwb2xpY3k6IEF3c0N1c3RvbVJlc291cmNlUG9saWN5LmZyb21TZGtDYWxscyh7XG4gICAgICAgIHJlc291cmNlczogQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3kuQU5ZX1JFU09VUkNFLFxuICAgICAgfSksXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==