UNPKG

@pepperize/cdk-organizations

Version:

Manage AWS organizations, organizational units (OU), accounts and service control policies (SCP).

github.com/pepperize/cdk-organizations

pepperize/cdk-organizations

52 lines 7.35 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.handler = handler; const aws_sdk_1 = require("aws-sdk"); let organizationsClient; const organizationsRegion = process.env.ORGANIZATIONS_ENDPOINT_REGION ?? "us-east-1"; /** * The onEvent handler is invoked whenever a resource lifecycle event for a TagResource occurs * * @see https://docs.aws.amazon.com/cdk/api/v1/docs/custom-resources-readme.html#handling-lifecycle-events-onevent */ async function handler(event) { console.log(`Request of type ${event.RequestType} received`); if (!organizationsClient) { organizationsClient = new aws_sdk_1.Organizations({ region: organizationsRegion }); } console.log("Payload: %j", event); // Get all AWS organizations service tags const listTagsForResourceResponse = await organizationsClient .listTagsForResource({ ResourceId: event.ResourceProperties.ResourceId, }) .promise(); const oldTags = listTagsForResourceResponse.Tags ?? []; const oldTagKeys = oldTags.map((tag) => tag.Key); const newTags = event.ResourceProperties.Tags ?? []; const newTagKeys = newTags.map((tag) => tag.Key); // Remove AWS organizations service tags const tagKeysToRemove = oldTagKeys.filter((tagKey) => !newTagKeys.includes(tagKey)); if (tagKeysToRemove.length) { await organizationsClient .untagResource({ ResourceId: event.ResourceProperties.ResourceId, TagKeys: tagKeysToRemove, }) .promise(); } if (event.RequestType == "Delete") { return { PhysicalResourceId: event.PhysicalResourceId }; } if (newTags.length) { // Update AWS organizations service tags await organizationsClient .tagResource({ ResourceId: event.ResourceProperties.ResourceId, Tags: newTags, }) .promise(); } return { PhysicalResourceId: event.ResourceProperties.ResourceId, ResourceProperties: event.ResourceProperties }; } //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib24tZXZlbnQtaGFuZGxlci5sYW1iZGEuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdGFnLXJlc291cmNlLXByb3ZpZGVyL29uLWV2ZW50LWhhbmRsZXIubGFtYmRhLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBV0EsMEJBOENDO0FBeERELHFDQUF3QztBQUV4QyxJQUFJLG1CQUFrQyxDQUFDO0FBQ3ZDLE1BQU0sbUJBQW1CLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyw2QkFBNkIsSUFBSSxXQUFXLENBQUM7QUFFckY7Ozs7R0FJRztBQUNJLEtBQUssVUFBVSxPQUFPLENBQUMsS0FBcUI7SUFDakQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxtQkFBbUIsS0FBSyxDQUFDLFdBQVcsV0FBVyxDQUFDLENBQUM7SUFFN0QsSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUM7UUFDekIsbUJBQW1CLEdBQUcsSUFBSSx1QkFBYSxDQUFDLEVBQUUsTUFBTSxFQUFFLG1CQUFtQixFQUFFLENBQUMsQ0FBQztJQUMzRSxDQUFDO0lBRUQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxhQUFhLEVBQUUsS0FBSyxDQUFDLENBQUM7SUFFbEMseUNBQXlDO0lBQ3pDLE1BQU0sMkJBQTJCLEdBQThDLE1BQU0sbUJBQW1CO1NBQ3JHLG1CQUFtQixDQUFDO1FBQ25CLFVBQVUsRUFBRSxLQUFLLENBQUMsa0JBQWtCLENBQUMsVUFBVTtLQUNoRCxDQUFDO1NBQ0QsT0FBTyxFQUFFLENBQUM7SUFDYixNQUFNLE9BQU8sR0FBd0IsMkJBQTJCLENBQUMsSUFBSSxJQUFJLEVBQUUsQ0FBQztJQUM1RSxNQUFNLFVBQVUsR0FBYSxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUM7SUFDM0QsTUFBTSxPQUFPLEdBQXdCLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxJQUFJLElBQUksRUFBRSxDQUFDO0lBQ3pFLE1BQU0sVUFBVSxHQUFhLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUUzRCx3Q0FBd0M7SUFDeEMsTUFBTSxlQUFlLEdBQWEsVUFBVSxDQUFDLE1BQU0sQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUM7SUFDOUYsSUFBSSxlQUFlLENBQUMsTUFBTSxFQUFFLENBQUM7UUFDM0IsTUFBTSxtQkFBbUI7YUFDdEIsYUFBYSxDQUFDO1lBQ2IsVUFBVSxFQUFFLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxVQUFVO1lBQy9DLE9BQU8sRUFBRSxlQUFlO1NBQ3pCLENBQUM7YUFDRCxPQUFPLEVBQUUsQ0FBQztJQUNmLENBQUM7SUFFRCxJQUFJLEtBQUssQ0FBQyxXQUFXLElBQUksUUFBUSxFQUFFLENBQUM7UUFDbEMsT0FBTyxFQUFFLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO0lBQzFELENBQUM7SUFFRCxJQUFJLE9BQU8sQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNuQix3Q0FBd0M7UUFDeEMsTUFBTSxtQkFBbUI7YUFDdEIsV0FBVyxDQUFDO1lBQ1gsVUFBVSxFQUFFLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxVQUFVO1lBQy9DLElBQUksRUFBRSxPQUFPO1NBQ2QsQ0FBQzthQUNELE9BQU8sRUFBRSxDQUFDO0lBQ2YsQ0FBQztJQUVELE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxLQUFLLENBQUMsa0JBQWtCLENBQUMsVUFBVSxFQUFFLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO0FBQ25ILENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBDZGtDdXN0b21SZXNvdXJjZUV2ZW50IGFzIE9uRXZlbnRSZXF1ZXN0LCBDZGtDdXN0b21SZXNvdXJjZVJlc3BvbnNlIGFzIE9uRXZlbnRSZXNwb25zZSB9IGZyb20gXCJhd3MtbGFtYmRhXCI7XG5pbXBvcnQgeyBPcmdhbml6YXRpb25zIH0gZnJvbSBcImF3cy1zZGtcIjtcblxubGV0IG9yZ2FuaXphdGlvbnNDbGllbnQ6IE9yZ2FuaXphdGlvbnM7XG5jb25zdCBvcmdhbml6YXRpb25zUmVnaW9uID0gcHJvY2Vzcy5lbnYuT1JHQU5JWkFUSU9OU19FTkRQT0lOVF9SRUdJT04gPz8gXCJ1cy1lYXN0LTFcIjtcblxuLyoqXG4gKiBUaGUgb25FdmVudCBoYW5kbGVyIGlzIGludm9rZWQgd2hlbmV2ZXIgYSByZXNvdXJjZSBsaWZlY3ljbGUgZXZlbnQgZm9yIGEgVGFnUmVzb3VyY2Ugb2NjdXJzXG4gKlxuICogQHNlZSBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vY2RrL2FwaS92MS9kb2NzL2N1c3RvbS1yZXNvdXJjZXMtcmVhZG1lLmh0bWwjaGFuZGxpbmctbGlmZWN5Y2xlLWV2ZW50cy1vbmV2ZW50XG4gKi9cbmV4cG9ydCBhc3luYyBmdW5jdGlvbiBoYW5kbGVyKGV2ZW50OiBPbkV2ZW50UmVxdWVzdCk6IFByb21pc2U8T25FdmVudFJlc3BvbnNlPiB7XG4gIGNvbnNvbGUubG9nKGBSZXF1ZXN0IG9mIHR5cGUgJHtldmVudC5SZXF1ZXN0VHlwZX0gcmVjZWl2ZWRgKTtcblxuICBpZiAoIW9yZ2FuaXphdGlvbnNDbGllbnQpIHtcbiAgICBvcmdhbml6YXRpb25zQ2xpZW50ID0gbmV3IE9yZ2FuaXphdGlvbnMoeyByZWdpb246IG9yZ2FuaXphdGlvbnNSZWdpb24gfSk7XG4gIH1cblxuICBjb25zb2xlLmxvZyhcIlBheWxvYWQ6ICVqXCIsIGV2ZW50KTtcblxuICAvLyBHZXQgYWxsIEFXUyBvcmdhbml6YXRpb25zIHNlcnZpY2UgdGFnc1xuICBjb25zdCBsaXN0VGFnc0ZvclJlc291cmNlUmVzcG9uc2U6IE9yZ2FuaXphdGlvbnMuTGlzdFRhZ3NGb3JSZXNvdXJjZVJlc3BvbnNlID0gYXdhaXQgb3JnYW5pemF0aW9uc0NsaWVudFxuICAgIC5saXN0VGFnc0ZvclJlc291cmNlKHtcbiAgICAgIFJlc291cmNlSWQ6IGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5SZXNvdXJjZUlkLFxuICAgIH0pXG4gICAgLnByb21pc2UoKTtcbiAgY29uc3Qgb2xkVGFnczogT3JnYW5pemF0aW9ucy5UYWdbXSA9IGxpc3RUYWdzRm9yUmVzb3VyY2VSZXNwb25zZS5UYWdzID8/IFtdO1xuICBjb25zdCBvbGRUYWdLZXlzOiBzdHJpbmdbXSA9IG9sZFRhZ3MubWFwKCh0YWcpID0+IHRhZy5LZXkpO1xuICBjb25zdCBuZXdUYWdzOiBPcmdhbml6YXRpb25zLlRhZ1tdID0gZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLlRhZ3MgPz8gW107XG4gIGNvbnN0IG5ld1RhZ0tleXM6IHN0cmluZ1tdID0gbmV3VGFncy5tYXAoKHRhZykgPT4gdGFnLktleSk7XG5cbiAgLy8gUmVtb3ZlIEFXUyBvcmdhbml6YXRpb25zIHNlcnZpY2UgdGFnc1xuICBjb25zdCB0YWdLZXlzVG9SZW1vdmU6IHN0cmluZ1tdID0gb2xkVGFnS2V5cy5maWx0ZXIoKHRhZ0tleSkgPT4gIW5ld1RhZ0tleXMuaW5jbHVkZXModGFnS2V5KSk7XG4gIGlmICh0YWdLZXlzVG9SZW1vdmUubGVuZ3RoKSB7XG4gICAgYXdhaXQgb3JnYW5pemF0aW9uc0NsaWVudFxuICAgICAgLnVudGFnUmVzb3VyY2Uoe1xuICAgICAgICBSZXNvdXJjZUlkOiBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuUmVzb3VyY2VJZCxcbiAgICAgICAgVGFnS2V5czogdGFnS2V5c1RvUmVtb3ZlLFxuICAgICAgfSlcbiAgICAgIC5wcm9taXNlKCk7XG4gIH1cblxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT0gXCJEZWxldGVcIikge1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkIH07XG4gIH1cblxuICBpZiAobmV3VGFncy5sZW5ndGgpIHtcbiAgICAvLyBVcGRhdGUgQVdTIG9yZ2FuaXphdGlvbnMgc2VydmljZSB0YWdzXG4gICAgYXdhaXQgb3JnYW5pemF0aW9uc0NsaWVudFxuICAgICAgLnRhZ1Jlc291cmNlKHtcbiAgICAgICAgUmVzb3VyY2VJZDogZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLlJlc291cmNlSWQsXG4gICAgICAgIFRhZ3M6IG5ld1RhZ3MsXG4gICAgICB9KVxuICAgICAgLnByb21pc2UoKTtcbiAgfVxuXG4gIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLlJlc291cmNlSWQsIFJlc291cmNlUHJvcGVydGllczogZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzIH07XG59XG4iXX0=