Deploying organization
You use the deploy organization command to make your AWS organization match the configuration found in the organization configuration file.
Example
This is how you deploy your configuration:
tkm org deploy
Organization admin role
By default, Takomo uses the credentials currently available in the terminal session to execute operations that query information from the organization and alter its state.
You can also instruct Takomo to use a specific IAM role to perform these organization management operations by setting the organizationAdminRoleName
property in the organization configuration.
Example
This is how you set the organization admin role.
masterAccountId: "098765432100"
# This is how you tell Takomo to use an IAM role
# named 'MyOrganizationAdminRole' when executing
# organization management actions.
organizationAdminRoleName: MyOrganizationAdminRole
serviceControlPolicies:
restrict-by-regions:
description: Restrict regions
FullAWSAccess:
description: AWS managed default policy
awsManaged: true
backupPolicies:
MyBackups:
description: Backup policy
organizationalUnits:
Root:
serviceControlPolicies: FullAWSAccess
accounts:
- "098765432100"
Root/Workloads:
serviceControlPolicies: restrict-by-regions
Root/Workloads/Dev: {}
Root/Workloads/Test: {}
Root/Workloads/Prod:
accounts:
- id: "876754648373"
name: MyAccount
email: [email protected]
description: This is a production account
Root/Sandbox:
accounts:
- id: "123456789012"
backupPolicies:
- MyBackups
- "448873940474"
Last updated
Was this helpful?