I wanted to open a thread for discussion on ecosystem ideas for improving the experience with working within the context of an AWS Organization as the product reaches maturity for resource sharing / account sharing / cross-account access etc.
An example of what I mean is for grantables / iam permissions, a very nice feature on L2's would be something like a grantOrg method. I think it goes much deeper than that but that's the general idea. This isn't about L2's for AWS Org resources, but for interacting and managing AWS accounts and resources at a rudimentary level of the framework that exist within the context of an Org / Org Unit. Organizations has added a ton of functionality on access controls over the last couple years that could be built into the cdk w/ convenience methods
Use Case
Improved experience for building AWS infra within context of a large organization
Proposed Solution
Issue is more for for a broader discussion of what type of utilities for interacting with an Org should be added to low level base classes in cdk
Other Information
No response
Acknowledgements
[ ] I may be able to implement this feature request
Describe the feature
I wanted to open a thread for discussion on ecosystem ideas for improving the experience with working within the context of an AWS Organization as the product reaches maturity for resource sharing / account sharing / cross-account access etc.
An example of what I mean is for grantables / iam permissions, a very nice feature on L2's would be something like a
grantOrgmethod. I think it goes much deeper than that but that's the general idea. This isn't about L2's for AWS Org resources, but for interacting and managing AWS accounts and resources at a rudimentary level of the framework that exist within the context of an Org / Org Unit. Organizations has added a ton of functionality on access controls over the last couple years that could be built into the cdk w/ convenience methodsUse Case
Improved experience for building AWS infra within context of a large organization
Proposed Solution
Issue is more for for a broader discussion of what type of utilities for interacting with an Org should be added to low level base classes in cdk
Other Information
No response
Acknowledgements
CDK version used
2.167.0
Environment details (OS name and version, etc.)
MacOS