Accounts¶
AWS account information is kept in the accounts/
directory. Each file in this directory
defines one AWS account, the filename is the name
of the account, with a .yml or .yaml extension.
accounts/
dev.yaml
master.yaml
prod.yaml
tools.yaml
Account¶
Cloud accounts.
The specially named master.yaml file is for the AWS Master account. It is the only account which can have the field organization_account_ids which is used to define and create the child accounts.
name: Master
title: Master AWS Account
is_master: true
account_type: AWS
account_id: '123456789012'
region: us-west-2
organization_account_ids:
- prod
- tools
- dev
root_email: master@example.com
name: Development
title: Development AWS Account
account_type: AWS
account_id: '123456789012'
region: us-west-2
root_email: dev@example.com
Field name | Type | Purpose | Constraints | Default |
---|---|---|---|---|
account_id | String | Account ID | Can only contain digits. | |
account_type | String | Account Type | Supported types: ‘AWS’ | AWS |
admin_delegate_role_name | String | Administrator delegate IAM Role name for the account | Paco-Organization-Account-Delegate-Role | |
admin_iam_users | Container<AdminIAMUsers> | Admin IAM Users | ||
is_master | Boolean | Boolean indicating if this a Master account | False | |
organization_account_ids | List<String> | A list of account ids to add to the Master account’s AWS Organization | Each string in the list must contain only digits. | |
region | String | Region to install AWS Account specific resources | Must be a valid AWS Region name | no-region-set |
root_email | String | The email address for the root user of this account | Must be a valid email address. |
Base Schemas Deployable, Named, Title
AdminIAMUser¶
An AWS Account Administerator IAM User
Field name | Type | Purpose | Constraints | Default |
---|---|---|---|---|
username | String | IAM Username |
Base Schemas Deployable, Named, Title