Recursive OU deployment targets

aws-solutions / aws-control-tower-customizations

The Customizations for AWS Control Tower solution combines AWS Control Tower and other highly-available, trusted AWS services to help customers more quickly set up a secure, multi-account AWS environment using AWS best practices.

https://docs.aws.amazon.com/controltower/latest/userguide/cfct-overview.html

Apache License 2.0

355 stars 205 forks source link

Recursive OU deployment targets #141

Closed afroman-lw closed 1 year ago

afroman-lw commented 1 year ago

It's annoying when you have to specify the nested OUs several layers deep when you want to apply the resource to all accounts in a parent OU.

Rather than specifying each specific OU path:

organizational_units:
  - OuName1:OUName2:OUName3
  - OuName1:OUName2:OUName4
  - OuName1:OUName5:OUName6

You should only need to specify a top level OU and it gets applied to all lower accounts. Like how SCPs work:

organizational_units:  
  - OuName1

hanafya commented 1 year ago

Hello! We currently have a backlog for this feature! Duplicate issue https://github.com/aws-solutions/aws-control-tower-customizations/issues/131