Comment on page
Accounts
Every account of your AWS organization belongs to some OU. To place an account to an OU, you add the account to the
accounts
property of the OU in question. The accounts
property is a list that accepts plain account ids and account objects that let you provide additional account-specific configuration.AWS account id may begin with zero and that is why account ids must always be strings in Takomo configuration, i.e., the id must be quoted like so "012345678901".
Here's an example of how to put accounts into OUs. The account 876754648373 is defined with object notation. The other accounts are defined as plain account ids.
organization/organization.yml
masterAccountId: "098765432100"
organizationalUnits:
Root:
accounts:
# This is the organization master account
- "098765432100"
Root/Workloads/Dev: {}
Root/Workloads/Test: {}
Root/Workloads/Prod:
accounts:
# Account using the object notation
- id: "876754648373"
Root/Sandbox:
# Only the id is given for these accounts
accounts:
- "123456789012"
- "448873940474"
The account id is the only required information for accounts. With object notation, you can provide additional information.
You can specify the account name with the
name
property. The name helps you to identify the account. Takomo uses the name to verify that the account configuration is valid, i.e., there actually exists an account with the given id and name.Please note that Takomo won't update the actual account name to match what you have defined in the configuration.
Here's how to specify the name for account 876754648373..
organization/organization.yml
masterAccountId: "098765432100"
organizationalUnits:
Root:
accounts:
- "098765432100"
Root/Workloads/Dev: {}
Root/Workloads/Test: {}
Root/Workloads/Prod:
accounts:
- id: "876754648373"
# Account name is specified like this
name: MyAccount
Root/Sandbox:
accounts:
- "123456789012"
- "448873940474"
You can specify the account email with the
email
property. The email helps you to identify the account. Takomo uses the email to verify that the account configuration is valid, i.e., there actually exists an account with the given id and email.Please note that Takomo won't update the actual account email to match what you have defined in the configuration.
Here's how to specify the email for account 876754648373.
organization/organization.yml
masterAccountId: "098765432100"
organizationalUnits:
Root:
accounts:
- "098765432100"
Root/Workloads/Dev: {}
Root/Workloads/Test: {}
Root/Workloads/Prod:
accounts:
- id: "876754648373"
name: MyAccount
# Account email is specified like this
email: [email protected]
Root/Sandbox:
accounts:
- "123456789012"
- "448873940474"
You can give a short description for an account with the
description
property.Here's how to specify the description for account 876754648373.
organization/organization.yml
masterAccountId: "098765432100"
organizationalUnits:
Root:
accounts:
- "098765432100"
Root/Workloads/Dev: {}
Root/Workloads/Test: {}
Root/Workloads/Prod:
accounts:
- id: "876754648373"
name: MyAccount
email: [email protected]
# Account description is specified like this
description: This is a production account
Root/Sandbox:
accounts:
- "123456789012"
- "448873940474"