This tutorial will walk you through how to use the “Managing Organizational Units” feature.
We will assume you have:
We are going to perform the following steps to “Managing Organizational Units”:
Here are the steps you need to follow to “Managing Organizational Units”
To create an organizational unit you must create an organizational-units entry in your manifest file:
organizational-units:
workloads-production:
path: "/workloads/production"
create_in:
accounts:
- account_id: "012345678910"
regions: "default_region"
tags:
- Key: "WorkloadType"
Value: "Production"
The snippet above will create a workloads OU within the root of your organization and will then create a production OU within it. If either of the two OUs exist already this solution will not try to recreate them.
When this solution creates the OU it will assign the tags you have specified.
AWS Organization API throttling limits are associated to your management account and shared between all consumers. It is best practice to reduce the calls you make to AWS Organizations. To reduce the calls you can specify parent_ou_id within the configuration. This will stop the solution from ‘looking up’ the OUs parent using the API and thus save you some API calls.
organizational-units:
workloads-production:
path: "/workloads/production"
parent_ou_id: "ou-aaaa-bbbbbbbb"
create_in:
accounts:
- account_id: "012345678910"
regions: "default_region"
tags:
- Key: "WorkloadType"
Value: "Production"