Organizations
  • What is Takomo Organizations?
  • Organization configuration
    • Introduction
    • Directory structure
    • Master account
    • Organizational units
    • Accounts
    • Policies
    • Deploying organization
  • Accounts
    • Creating accounts
    • Account aliases
    • Listing accounts
  • Account stacks
    • Config sets
    • Bootstrap config sets
    • Variables
    • Deploying config sets
    • Removing config sets
  • Command-line usage
    • Organization
      • Create organization
      • Describe organization
      • Deploy organization
    • Account
      • Create account
      • Create account alias
      • Delete account alias
      • List accounts
    • Account stacks
      • List accounts stacks
      • Deploy accounts
      • Undeploy accounts
      • Bootstrap accounts
      • Tear down accounts
Powered by GitBook
On this page
  • Usage
  • Positional arguments
  • Options
  • IAM permissions
  • Examples

Was this helpful?

  1. Command-line usage
  2. Account stacks

Bootstrap accounts

PreviousUndeploy accountsNextTear down accounts

Last updated 3 years ago

Was this helpful?

Bootstrap infrastructure configured with config sets to the specified organizational units and accounts.

Usage

tkm org accounts bootstrap [ou-path...] \
  [--account <account_id>]... \
  [--concurrent-accounts <number>] \
  [--config-set <config-set>] \
  [--command-path <command-path>]

Positional arguments

  • ou-path...

    • You can pass one or more organizational unit paths to bootstrap only the accounts that belong to organizational units located under the given paths in the organization hierarchy.

Options

In addition to the , this command has the following options.

  • --account <account id>

    • Choose accounts to bootstrap. You can use this option multiple times to specify more accounts.

  • --concurrent-accounts <number>

    • Number of accounts to bootstrap concurrently.

  • --config-set <config-set>

    • Bootstrap only this config set.

    • Optional.

  • --command-path <command-path>

    • Bootstrap only stacks under this command path.

    • Optional.

    • To use this option, also the --config-set option must be given.

IAM permissions

These are the minimum IAM permissions required to run this command.

Statement:
  - Effect: Allow
    Action:
      - organizations:ListRoots
      - organizations:ListTargetsForPolicy
      - organizations:ListAWSServiceAccessForOrganization
      - organizations:DescribePolicy
      - organizations:ListPolicies
      - organizations:ListAccountsForParent
      - organizations:ListAccounts
      - organizations:DescribeOrganization
      - organizations:ListOrganizationalUnitsForParent
    Resource: "*"

  # IAM permissions needed to assume role from the target accounts.
  # Specify resource to restrict access to specific roles.  
  - Sid: IAM
    Effect: Allow
    Action:
      - sts:AssumeRole
    Resource: "*"

Examples

Bootstrap all accounts in the organization.

tkm org accounts bootstrap

Bootstrap only accounts that belong to the organizational unit Root/Sandbox or to any organizational units under it.

tkm org accounts bootstrap Root/Sandbox
common options