ACM.410 Explore Implementing the AWS Organizations Organizational Unit Hierarchy: Do Your Service Control Policies Still Apply?
My last article shows how to recursively query the ID associated with an AWS organizational unit.
In this article, I want to look at an issue that may arise in your account when deploying organizational units with CloudFormation stacks.
Remember this is the OU structure I wanted to create:
But it seems I made a mistake because nonprod should be deploying and it ended up at a higher level under orgadmin.
So how can I solve this problem?
Well, what happens if I just redeploy the resource after fixing the deployment script to pass the correct parent name? What will it do?
I correct the name of the parent OU in the nonprod deployment script:
Now, instead of redeploying all my OUs with my all script, I can deploy only this single OU.
That’s the beauty of micro-patterns.
I am redeploying my non-production OU:
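A check worth running around a redeploy like this one, as an added example that is not the author's code: collect the SCPs attached at every level from the root down to the OU before and after the move, then compare the two sets. The hierarchy data, the parent name `target-parent` and every policy name except `FullAWSAccess` are constructed placeholders; in a real account the inputs would come from the AWS Organizations ListParents and ListPoliciesForTarget calls.

```python
"""SCPs on the path from the root to an OU, before and after a move.

Hierarchy, the name "target-parent" and all policy names except FullAWSAccess
are constructed. Real data: AWS Organizations ListParents/ListPoliciesForTarget.
"""


def scps_in_path(parents, attached, ou):
    """Map each SCP on the root-to-OU path to the node it is attached to.

    parents:  node name -> parent name (None for the root)
    attached: node name -> set of SCP names attached directly to that node
    """
    found, seen, node = {}, set(), ou
    while node is not None:
        if node in seen:
            raise ValueError(f"cycle in hierarchy at {node}")
        seen.add(node)
        for scp in attached.get(node, ()):
            found.setdefault(scp, node)  # keep the attachment nearest the OU
        node = parents[node]  # KeyError here means an unknown parent
    return found


def compare(before, after, ou):
    """Return (lost, gained): SCPs that left or joined the OU's path."""
    old, new = scps_in_path(*before, ou), scps_in_path(*after, ou)
    lost = {s: old[s] for s in old.keys() - new.keys()}
    gained = {s: new[s] for s in new.keys() - old.keys()}
    return lost, gained


# Constructed "before": nonprod landed under orgadmin by mistake.
BEFORE = (
    {"root": None, "orgadmin": "root", "target-parent": "root", "nonprod": "orgadmin"},
    {"root": {"FullAWSAccess"}, "orgadmin": {"orgadmin-guardrails"},
     "target-parent": {"workload-guardrails"}, "nonprod": {"nonprod-region-lock"}},
)
# Constructed "after": nonprod under the intended parent (placeholder name);
# assumes, for illustration, that its direct attachment was not re-applied.
AFTER = (
    {"root": None, "orgadmin": "root", "target-parent": "root", "nonprod": "target-parent"},
    {"root": {"FullAWSAccess"}, "orgadmin": {"orgadmin-guardrails"},
     "target-parent": {"workload-guardrails"}},
)

if __name__ == "__main__":
    lost, gained = compare(BEFORE, AFTER, "nonprod")
    print("no longer in path:", lost)
    print("newly in path:", gained)
```

Anything reported as no longer in the path is a guardrail the accounts under the OU stopped receiving, so each entry needs a decision: re-attach it or confirm the change was intended.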
While I’m here, I’m replacing this ugly code: