Why I Am Not Using AWS Organizational Unit for My Environment Name

ACM.363 Complications querying organizational data from AWS child accounts

Teri Radichel, published in Cloud Security, Nov 2, 2023 (4 min read)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

⚙️ Part of my series on Automating Cybersecurity Metrics. The Code.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In the last post I created a directory structure for CloudFormation templates based on the CloudFormation documentation.

In this post I am thinking about moving my templates around to deploy SSM parameters, but first I am going to explain how I would rather implement my environment and organization name, if I could.

Recall that I want to create environments and each account in the environment is going to have three SSM parameters:

org
env
adminaccount

I started thinking about this a bit more and really the environment is the OU name. For my example accounts I’ve been working with…
