Merge pull request #25 from jplock/jp-ou-names

[fix] configurable OU names
aws-samples · Feb 13, 2025 · 0bb968d · 0bb968d
2 parents 59f8170 + 1a91598
commit 0bb968d
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -47,6 +47,8 @@ This repository contains a collection of [AWS CloudFormation](https://aws.amazon
 | pRegions                 | CommaDelimitedList | us-east-1 | Comma-delimited list of AWS Regions |
 | pSandboxOuName           | String | Sandbox | Name of the organizational unit for sandbox AWS accounts |
 | pSecurityOuName          | String | Security_Prod | Name of the organizational unit for security-related AWS accounts |
+| pWorkloadsOuName         | String | Workloads | Name of the organizational unit for workload AWS accounts |
+| pInfrastructureOuName    | String | Infrastructure | Name of the organization unit for infrastructure AWS accounts |
 | pGithubOrganization      | String | _None_ | GitHub Organization |
 | pCreateNewAwsOrg         | String | Yes | Whether to create a new AWS Organization or not |
 | pOrganizationId          | String | _None_ | Existing AWS Organization ID |

diff --git a/github_ci_template.yml b/github_ci_template.yml
@@ -73,6 +73,7 @@ Resources:
                   - "lambda:GetRuntimeManagementConfig"
                   - "lambda:InvokeFunction"
                   - "lambda:UpdateFunctionCode"
+                  - "lambda:UpdateFunctionConfiguration"
                   - "logs:DescribeLogGroups"
                   - "logs:ListTagsForResource"
                   - "logs:TagResource"

diff --git a/template.yml b/template.yml
@@ -44,6 +44,14 @@ Parameters:
     Type: String
     Description: Organizational Unit (OU) for security accounts
     Default: Security_Prod
+  pWorkloadsOuName:
+    Type: String
+    Description: Organizational Unit (OU) for workloads accounts
+    Default: Workloads
+  pInfrastructureOuName:
+    Type: String
+    Description: Organizational Unit (OU) for infrastructure accounts
+    Default: Infrastructure
   pGithubOrganization:
     Type: String
     Description: GitHub Organization or User
@@ -423,7 +431,7 @@ Resources:
     Type: "AWS::Organizations::OrganizationalUnit"
     DependsOn: rOrgWaiter
     Properties:
-      Name: Infrastructure
+      Name: !Ref pInfrastructureOuName
       ParentId: !If
         - cHasOrganizationRootId
         - !Ref pOrganizationRootId
@@ -453,7 +461,7 @@ Resources:
     Type: "AWS::Organizations::OrganizationalUnit"
     DependsOn: rOrgWaiter
     Properties:
-      Name: Workloads
+      Name: !Ref pWorkloadsOuName
       ParentId: !If
         - cHasOrganizationRootId
         - !Ref pOrganizationRootId