@rocketleap/cdk-organizations
Version:
Manage AWS organizations, organizational units (OU), accounts and service control policies (SCP).
57 lines • 8.39 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.OrganizationalUnitProvider = void 0;
const aws_cdk_lib_1 = require("aws-cdk-lib");
const aws_iam_1 = require("aws-cdk-lib/aws-iam");
const custom_resources_1 = require("aws-cdk-lib/custom-resources");
const on_event_handler_function_1 = require("./on-event-handler-function");
/**
* Creates a custom resource provider to create the organizational unit in AWS organization.
*
* <ul>
* <li><strong>If the organizational unit already exists, it will be imported if `ImportOnDuplicate` is true.</strong>
* <li><strong>Only an emptied organizational unit can be deleted!</strong></li>
* </ul>
*
* @see https://docs.aws.amazon.com/cdk/api/v1/docs/custom-resources-readme.html#provider-framework
*/
class OrganizationalUnitProvider extends aws_cdk_lib_1.NestedStack {
/**
* Retrieve OrganizationalUnitProvider as stack singleton resource.
*
* @see https://github.com/aws/aws-cdk/issues/5023
*/
static getOrCreate(scope) {
const stack = aws_cdk_lib_1.Stack.of(scope);
const id = "cdk-organizations.OrganizationalUnitProvider";
const existing = stack.node.tryFindChild(id);
return existing || new OrganizationalUnitProvider(stack, id, {});
}
constructor(scope, id, props) {
super(scope, id, props);
const organizationsRegion = process.env.CDK_AWS_PARTITION === "aws-cn" ? "cn-northwest-1" : "us-east-1";
this.onEventHandler = new on_event_handler_function_1.OnEventHandlerFunction(this, "OnEventHandlerFunction", {
environment: {
ORGANIZATIONS_ENDPOINT_REGION: organizationsRegion,
},
timeout: aws_cdk_lib_1.Duration.minutes(10),
initialPolicy: [
new aws_iam_1.PolicyStatement({
actions: [
"organizations:CreateOrganizationalUnit",
"organizations:DescribeOrganizationalUnit",
"organizations:UpdateOrganizationalUnit",
"organizations:DeleteOrganizationalUnit",
"organizations:ListOrganizationalUnitsForParent",
],
resources: ["*"],
}),
],
});
this.provider = new custom_resources_1.Provider(this, "Provider", {
onEventHandler: this.onEventHandler,
});
}
}
exports.OrganizationalUnitProvider = OrganizationalUnitProvider;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3JnYW5pemF0aW9uYWwtdW5pdC1wcm92aWRlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9vcmdhbml6YXRpb25hbC11bml0LXByb3ZpZGVyL29yZ2FuaXphdGlvbmFsLXVuaXQtcHJvdmlkZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkNBQTZFO0FBQzdFLGlEQUFzRDtBQUV0RCxtRUFBd0Q7QUFFeEQsMkVBQXFFO0FBSXJFOzs7Ozs7Ozs7R0FTRztBQUNILE1BQWEsMEJBQTJCLFNBQVEseUJBQVc7SUFDekQ7Ozs7T0FJRztJQUNJLE1BQU0sQ0FBQyxXQUFXLENBQUMsS0FBZ0I7UUFDeEMsTUFBTSxLQUFLLEdBQUcsbUJBQUssQ0FBQyxFQUFFLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDOUIsTUFBTSxFQUFFLEdBQUcsOENBQThDLENBQUM7UUFDMUQsTUFBTSxRQUFRLEdBQUcsS0FBSyxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDN0MsT0FBUSxRQUF1QyxJQUFJLElBQUksMEJBQTBCLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQztJQUNuRyxDQUFDO0lBZUQsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFzQztRQUM5RSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRSxLQUFLLENBQUMsQ0FBQztRQUV4QixNQUFNLG1CQUFtQixHQUFHLE9BQU8sQ0FBQyxHQUFHLENBQUMsaUJBQWlCLEtBQUssUUFBUSxDQUFDLENBQUMsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLENBQUMsV0FBVyxDQUFDO1FBRXhHLElBQUksQ0FBQyxjQUFjLEdBQUcsSUFBSSxrREFBc0IsQ0FBQyxJQUFJLEVBQUUsd0JBQXdCLEVBQUU7WUFDL0UsV0FBVyxFQUFFO2dCQUNYLDZCQUE2QixFQUFFLG1CQUFtQjthQUNuRDtZQUNELE9BQU8sRUFBRSxzQkFBUSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDN0IsYUFBYSxFQUFFO2dCQUNiLElBQUkseUJBQWUsQ0FBQztvQkFDbEIsT0FBTyxFQUFFO3dCQUNQLHdDQUF3Qzt3QkFDeEMsMENBQTBDO3dCQUMxQyx3Q0FBd0M7d0JBQ3hDLHdDQUF3Qzt3QkFDeEMsZ0RBQWdEO3FCQUNqRDtvQkFDRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7aUJBQ2pCLENBQUM7YUFDSDtTQUNGLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxRQUFRLEdBQUcsSUFBSSwyQkFBUSxDQUFDLElBQUksRUFBRSxVQUFVLEVBQUU7WUFDN0MsY0FBYyxFQUFFLElBQUksQ0FBQyxjQUFjO1NBQ3BDLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQXRERCxnRUFzREMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBEdXJhdGlvbiwgTmVzdGVkU3RhY2ssIE5lc3RlZFN0YWNrUHJvcHMsIFN0YWNrIH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgeyBQb2xpY3lTdGF0ZW1lbnQgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiO1xuaW1wb3J0IHsgRnVuY3Rpb24gfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWxhbWJkYVwiO1xuaW1wb3J0IHsgUHJvdmlkZXIgfSBmcm9tIFwiYXdzLWNkay1saWIvY3VzdG9tLXJlc291cmNlc1wiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcbmltcG9ydCB7IE9uRXZlbnRIYW5kbGVyRnVuY3Rpb24gfSBmcm9tIFwiLi9vbi1ldmVudC1oYW5kbGVyLWZ1bmN0aW9uXCI7XG5cbmV4cG9ydCBpbnRlcmZhY2UgT3JnYW5pemF0aW9uYWxVbml0UHJvdmlkZXJQcm9wcyBleHRlbmRzIE5lc3RlZFN0YWNrUHJvcHMge31cblxuLyoqXG4gKiBDcmVhdGVzIGEgY3VzdG9tIHJlc291cmNlIHByb3ZpZGVyIHRvIGNyZWF0ZSB0aGUgb3JnYW5pemF0aW9uYWwgdW5pdCBpbiBBV1Mgb3JnYW5pemF0aW9uLlxuICpcbiAqIDx1bD5cbiAqICAgPGxpPjxzdHJvbmc+SWYgdGhlIG9yZ2FuaXphdGlvbmFsIHVuaXQgYWxyZWFkeSBleGlzdHMsIGl0IHdpbGwgYmUgaW1wb3J0ZWQgaWYgYEltcG9ydE9uRHVwbGljYXRlYCBpcyB0cnVlLjwvc3Ryb25nPlxuICogICA8bGk+PHN0cm9uZz5Pbmx5IGFuIGVtcHRpZWQgb3JnYW5pemF0aW9uYWwgdW5pdCBjYW4gYmUgZGVsZXRlZCE8L3N0cm9uZz48L2xpPlxuICogPC91bD5cbiAqXG4gKiBAc2VlIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9jZGsvYXBpL3YxL2RvY3MvY3VzdG9tLXJlc291cmNlcy1yZWFkbWUuaHRtbCNwcm92aWRlci1mcmFtZXdvcmtcbiAqL1xuZXhwb3J0IGNsYXNzIE9yZ2FuaXphdGlvbmFsVW5pdFByb3ZpZGVyIGV4dGVuZHMgTmVzdGVkU3RhY2sge1xuICAvKipcbiAgICogUmV0cmlldmUgT3JnYW5pemF0aW9uYWxVbml0UHJvdmlkZXIgYXMgc3RhY2sgc2luZ2xldG9uIHJlc291cmNlLlxuICAgKlxuICAgKiBAc2VlIGh0dHBzOi8vZ2l0aHViLmNvbS9hd3MvYXdzLWNkay9pc3N1ZXMvNTAyM1xuICAgKi9cbiAgcHVibGljIHN0YXRpYyBnZXRPckNyZWF0ZShzY29wZTogQ29uc3RydWN0KTogT3JnYW5pemF0aW9uYWxVbml0UHJvdmlkZXIge1xuICAgIGNvbnN0IHN0YWNrID0gU3RhY2sub2Yoc2NvcGUpO1xuICAgIGNvbnN0IGlkID0gXCJjZGstb3JnYW5pemF0aW9ucy5Pcmdhbml6YXRpb25hbFVuaXRQcm92aWRlclwiO1xuICAgIGNvbnN0IGV4aXN0aW5nID0gc3RhY2subm9kZS50cnlGaW5kQ2hpbGQoaWQpO1xuICAgIHJldHVybiAoZXhpc3RpbmcgYXMgT3JnYW5pemF0aW9uYWxVbml0UHJvdmlkZXIpIHx8IG5ldyBPcmdhbml6YXRpb25hbFVuaXRQcm92aWRlcihzdGFjaywgaWQsIHt9KTtcbiAgfVxuICAvKipcbiAgICogQ3JlYXRlcyBhbiBPcmdhbml6YXRpb25hbCBVbml0IChPVSkgYW5kIHJldHVybnMgdGhlIHJlc3VsdC5cbiAgICpcbiAgICogQHNlZSBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy9sYXRlc3QvQVdTL09yZ2FuaXphdGlvbnMuaHRtbCNjcmVhdGVPcmdhbml6YXRpb25hbFVuaXQtcHJvcGVydHlcbiAgICogQHNlZSBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy9sYXRlc3QvQVdTL09yZ2FuaXphdGlvbnMuaHRtbCNsaXN0T3JnYW5pemF0aW9uYWxVbml0c0ZvclBhcmVudC1wcm9wZXJ0eVxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IG9uRXZlbnRIYW5kbGVyOiBGdW5jdGlvbjtcbiAgLyoqXG4gICAqIFRoZSBwcm92aWRlciB0byBjcmVhdGUsIHVwZGF0ZSBvciBkZWxldGUgYW4gb3JnYW5pemF0aW9uYWwgdW5pdC5cbiAgICpcbiAgICogQHNlZSBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vY2RrL2FwaS92MS9kb2NzL2N1c3RvbS1yZXNvdXJjZXMtcmVhZG1lLmh0bWwjYXN5bmNocm9ub3VzLXByb3ZpZGVycy1pc2NvbXBsZXRlXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgcHJvdmlkZXI6IFByb3ZpZGVyO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBPcmdhbml6YXRpb25hbFVuaXRQcm92aWRlclByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCBwcm9wcyk7XG5cbiAgICBjb25zdCBvcmdhbml6YXRpb25zUmVnaW9uID0gcHJvY2Vzcy5lbnYuQ0RLX0FXU19QQVJUSVRJT04gPT09IFwiYXdzLWNuXCIgPyBcImNuLW5vcnRod2VzdC0xXCIgOiBcInVzLWVhc3QtMVwiO1xuXG4gICAgdGhpcy5vbkV2ZW50SGFuZGxlciA9IG5ldyBPbkV2ZW50SGFuZGxlckZ1bmN0aW9uKHRoaXMsIFwiT25FdmVudEhhbmRsZXJGdW5jdGlvblwiLCB7XG4gICAgICBlbnZpcm9ubWVudDoge1xuICAgICAgICBPUkdBTklaQVRJT05TX0VORFBPSU5UX1JFR0lPTjogb3JnYW5pemF0aW9uc1JlZ2lvbixcbiAgICAgIH0sXG4gICAgICB0aW1lb3V0OiBEdXJhdGlvbi5taW51dGVzKDEwKSxcbiAgICAgIGluaXRpYWxQb2xpY3k6IFtcbiAgICAgICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgICAgYWN0aW9uczogW1xuICAgICAgICAgICAgXCJvcmdhbml6YXRpb25zOkNyZWF0ZU9yZ2FuaXphdGlvbmFsVW5pdFwiLFxuICAgICAgICAgICAgXCJvcmdhbml6YXRpb25zOkRlc2NyaWJlT3JnYW5pemF0aW9uYWxVbml0XCIsXG4gICAgICAgICAgICBcIm9yZ2FuaXphdGlvbnM6VXBkYXRlT3JnYW5pemF0aW9uYWxVbml0XCIsXG4gICAgICAgICAgICBcIm9yZ2FuaXphdGlvbnM6RGVsZXRlT3JnYW5pemF0aW9uYWxVbml0XCIsXG4gICAgICAgICAgICBcIm9yZ2FuaXphdGlvbnM6TGlzdE9yZ2FuaXphdGlvbmFsVW5pdHNGb3JQYXJlbnRcIixcbiAgICAgICAgICBdLFxuICAgICAgICAgIHJlc291cmNlczogW1wiKlwiXSxcbiAgICAgICAgfSksXG4gICAgICBdLFxuICAgIH0pO1xuXG4gICAgdGhpcy5wcm92aWRlciA9IG5ldyBQcm92aWRlcih0aGlzLCBcIlByb3ZpZGVyXCIsIHtcbiAgICAgIG9uRXZlbnRIYW5kbGVyOiB0aGlzLm9uRXZlbnRIYW5kbGVyLFxuICAgIH0pO1xuICB9XG59XG4iXX0=