Tools to manage AWS Organizations
Project description
A configuration management tool set for AWS Organizations.
Full documentation is available at https://aws-orgs.readthedocs.io/en/latest
Features
Ensure state of AWS Organizations and IAM resourses per yaml formatted specification files.
Configure AWS Organizations resources:
organizational units
service control policies
account creation and organizational unit placement
Centrally manage IAM access across AWS Organization accounts:
IAM users/groups in a central Auth account
customer managed IAM policies
IAM roles and trust delegation in organization accounts
Installation
Python virtual environment (recommended):
source ~/path_to_my_venv/bin/activate pip install aws-orgs
Editable copy in venv:
git clone https://github.com/ucopacme/aws-orgs pip install -e aws-orgs/
Uninstall:
pip uninstall aws-orgs
Configuration quick start
Run the awsorgs-spec-init script to generate an initial set of spec-files:
awsorgs-spec-init
This generates an initial config.yaml spec files under ~/.awsorgs. Edit these as needed to suit your environment.
See --help option for full usage.
Console Scripts
aws-orgs provides the following python executibles:
- awsorgs
Manage recources in an AWS Organization.
- awsaccounts
Manage accounts in an AWS Organization.
- awsauth
Manage users, group, and roles for cross account access in an AWS Organization.
- awsloginprofile
Manage AWS IAM user login profile.
All commands execute in dry-run mode by default. Include the --exec flag to affect change to AWS resources. Run each of these with the ‘–help’ option for usage documentation.
awsorgs report awsorgs organization awsorgs organization --exec awsaccounts report awsaccounts create [--exec] awsaccounts alias [--exec] awsaccounts invite --account-id ID [--exec] # from invited account: awsorgs-accessrole --master_id ID [--exec] awsauth report awsauth report --users awsauth report --delegations awsauth report --credentials --full awsauth report --account ucpath-prod --users --full awsauth users [--exec] awsauth delegations [--exec] awsauth local-users [--exec] awsloginprofile maryanne awsloginprofile maryanne --new awsloginprofile maryanne --reset awsloginprofile maryanne --disable-expired --opt-ttl 48
- Author:
Ashley Gould (agould@ucop.edu)
- Version:
0.3.1
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file aws-orgs-0.3.4.tar.gz.
File metadata
- Download URL: aws-orgs-0.3.4.tar.gz
- Upload date:
- Size: 52.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/2.0.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/41.4.0 requests-toolbelt/0.9.1 tqdm/4.32.1 CPython/3.7.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 028592b5791c5b64aacc1e6308015a9b18c52f7e915bf9fb124f156afbf17254 |
|
| MD5 | d12e817e13ce714b825f6a6c316cb571 |
|
| BLAKE2b-256 | 9fbaee563bff71ec8c06e0eccd7aff1b776369bee668b8fe55739a0369c68521 |
File details
Details for the file aws_orgs-0.3.4-py3-none-any.whl.
File metadata
- Download URL: aws_orgs-0.3.4-py3-none-any.whl
- Upload date:
- Size: 48.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/2.0.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/41.4.0 requests-toolbelt/0.9.1 tqdm/4.32.1 CPython/3.7.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | f55f14c6a1d5b566366cb771f415256ae8c49366535f3ad9a1c42302089f5872 |
|
| MD5 | 88be2a2c6799975d5215883b76eb632d |
|
| BLAKE2b-256 | 0f28bdfb9dfe61c084cd7d1b87ba0665e300bf518a6700ea60472098f29c5884 |
