Member-only story

Why I Am Not Using AWS Organizational Unit for My Environment Name

ACM.363 Complications querying organizational data from AWS child accounts

Teri Radichel

Published in

Cloud Security

4 min readNov 2, 2023

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

⚙️ Part of my series on Automating Cybersecurity Metrics. The Code.

🔒 Related Stories: AWS Security | AWS Organizations

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In the last post I created a directory structure for CloudFormation templates based on the CloudFormation documentation.

Generating A Directory Structure For CloudFormation Templates

ACM.362 Leveraging the AWS documentation to create a directory structure for CloudFormation templates

medium.com

In this post I am thinking about moving my templates around to deploy SSM parameters, but first I am going to explain how I would rather implement my environment and organization name, if I could.

Recall that I want to create environments and each account in the environment is going to have three SSM parameters:

org
env
adminaccount

I started thinking about this a bit more and really the environment is the OU name. For my example accounts I’ve been working with…

Why I Am Not Using AWS Organizational Unit for My Environment Name

ACM.363 Complications querying organizational data from AWS child accounts

Generating A Directory Structure For CloudFormation Templates

ACM.362 Leveraging the AWS documentation to create a directory structure for CloudFormation templates

Published in Cloud Security

Written by Teri Radichel