Organization API Requester

API Gateway and Lambda Function to Manage the AWS Organizations Service

aws-services

How to Send Requests

To get the list of accounts

const Credentials = {
  "AccessKeyId": "",
  "SecretAccessKey": "",
  "SessionToken": ""
}
path: /account
method : GET
headers: {
  "Credentials": base64_encoded_Credentials_String,
}

To get the detail of an account

Credentials = {
  "AccessKeyId": "",
  "SecretAccessKey": "",
  "SessionToken": ""
}
path: /account?accountId=<aws_account_id>
method : GET
headers: {
  "Credentials": base64_encoded_Credentials_String,
}

To get the detail of account creation progress

Credentials = {
  "AccessKeyId": "",
  "SecretAccessKey": "",
  "SessionToken": ""
}
path: /account?requestId=<account_creation_request_id>
method : GET
headers: {
  "Credentials": base64_encoded_Credentials_String,
}

To create an account

Credentials = {
  "AccessKeyId": "",
  "SecretAccessKey": "",
  "SessionToken": ""
}
path: /account
method : POST
headers: {
  "Credentials": base64_encoded_Credentials_String,
}
data:
{
  name: "<account_name>",
  email: "<account_email_address>",
  checkStatus: true/false
}

How To Setup a CodePipeline

Launch Stack

Input Parameter Values

  • CloudformationLambdaExecutionRoleArn:

    Enter ARN of IAM Role for Cloudformation to create changesets and target stack. If you already created one or more CodePipeline that uses Cloudformation, this role should have been created already, so you can use the same role, 'cloudformation-lambda-execution-role'. If not, please create a role with the same name with Trust Relationships and Policy Document defined here.

  • CodePipelineServiceRoleArn:

    Enter ARN of IAM Role for CodePipeline to be executed. If you already created one or more CodePipeline, this role should have been created already, so you can use the same role, 'AWS-CodePipeline-Service'. If not, please create a role with the same name with Trust Relationships and Policy Document defined here.

  • CustomAuthorizerIAMRoleName:

  • CustomAuthorizerLambdaName:

  • EncryptionLambdaName:

  • GitHubPersonalAccessToken:

    Access Token for CodeBuild to access to the this Github repository. (See here to find how to generate the access token).

  • GitHubSourceRepositoryBranch: master

  • GitHubSourceRepositoryName: aws-services-organizations

  • GitHubSourceRepositoryOwner: SungardAS

  • ParameterOverrides:

  • ProjectImage: aws/codebuild/nodejs:8.11.0

How To Test Lambda Functions

  • $ cd tests
  • $ python test_handler.py

Sungard Availability Services | Labs

This project is maintained by the Labs group at Sungard Availability Services

GitHub: https://sungardas.github.io

Blog: http://blog.sungardas.com/CTOLabs/