Skip to content

Adding support for account-specific SCP deployment. #395

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
sbkok merged 10 commits into from
Nov 12, 2021
Merged

Adding support for account-specific SCP deployment. #395

Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
ceadb67
Adding support for account-specific SCP deployment.
Oct 25, 2021
b79d3a5
Clean-up and add tests for new functionality
Nov 9, 2021
8712ada
Linting clean-up
Nov 9, 2021
8ce1433
Fixing bad function reference.
Nov 9, 2021
bdc1946
Updating admin guide with account-specific SCP instructions.
Nov 9, 2021
d3c32c8
Update docs/admin-guide.md
srabidoux Nov 11, 2021
03ebf5a
Update docs/admin-guide.md
srabidoux Nov 11, 2021
730e3dd
Update docs/admin-guide.md
srabidoux Nov 11, 2021
b08e4d6
Merge branch 'master' into master
StewartW Nov 12, 2021
c99d685
Merge branch 'master' into master
sbkok Nov 12, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 21 additions & 2 deletions ...bda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/organizations.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,15 +54,25 @@ def trim_policy_path(policy):

def get_organization_map(self, org_structure, counter=0):
for name, ou_id in org_structure.copy().items():
if ou_id[0] not in ['r','o']:
continue
# List OUs
for organization_id in [organization_id['Id'] for organization_id in paginator(self.client.list_children, **{"ParentId":ou_id, "ChildType":"ORGANIZATIONAL_UNIT"})]:
if organization_id in org_structure.values() and counter != 0:
continue
ou_name = self.describe_ou_name(organization_id)
trimmed_path = Organizations.trim_policy_path("{0}/{1}".format(name, ou_name))
org_structure[trimmed_path] = organization_id
# List accounts
for account_id in [account_id['Id'] for account_id in paginator(self.client.list_children, **{"ParentId":ou_id, "ChildType":"ACCOUNT"})]:
if account_id in org_structure.values() and counter != 0:
continue
account_name = self.describe_account_name(account_id)
trimmed_path = Organizations.trim_policy_path("{0}/{1}".format(name, account_name))
org_structure[trimmed_path] = account_id
counter = counter + 1
# Counter is greater than 4 here is the conditional as organizations cannot have more than 5 levels of nested OUs
return org_structure if counter > 4 else self.get_organization_map(org_structure, counter)
# Counter is greater than 5 here is the conditional as organizations cannot have more than 5 levels of nested OUs + 1 accounts "level"
return org_structure if counter > 5 else self.get_organization_map(org_structure, counter)

def update_policy(self, content, policy_id):
self.client.update_policy(
Expand Down Expand Up @@ -162,6 +172,15 @@ def describe_ou_name(self, ou_id):
except ClientError as error:
raise RootOUIDError("OU is the Root of the Organization") from error

def describe_account_name(self, account_id):
try:
response = self.client.describe_account(
AccountId=account_id
)
return response['Account']['Name']
except ClientError as error:
raise

@staticmethod
def determine_ou_path(ou_path, ou_child_name):
return '{0}/{1}'.format(ou_path,
Expand Down