org_struct#

AWS Organizations structure management and traversal interface.

This module provides an object-oriented interface for working with AWS Organizations, offering tree-based traversal, visualization, and relationship testing capabilities. It serves as the main entry point for the aws_organizations package.

Key Features:

Tree-based representation of AWS Organization structure
Visualization in ASCII, CSV, and Mermaid diagram formats
Account and OU traversal with recursive options
Parent-child relationship testing
Serialization and deserialization support

Ref:

Core concepts: https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/core-concepts.html

class aws_organizations.org_struct.NodeTypeEnum(value)[source]#: Valid node types in the organization tree structure.

class aws_organizations.org_struct.Node(id: str, name: str, type: str, obj: Union[Organization, OrganizationalUnit, Account], parent=None, children=None)[source]#

Represents a node in the AWS Organization tree structure.

This class extends anytree.NodeMixin to provide tree functionality. Each node represents either an Organization (root), OrganizationalUnit, or Account.

Parameters:

id – the id of the object on the node
name – human friendly name, the name of the object on the node
obj – the object on the node could be one of Organization, OrganizationUnit, and Account

property parent_id: Optional[str]#: Get parent node’s ID if parent exists.

property path_key: str#: Get parent node’s ID if parent exists.

iter_accounts(recursive: bool = True) → AccountIterproxy[source]#: Get iterator for account nodes with optional recursion.

iter_org_units(recursive: bool = True) → OrganizationUnitIterproxy[source]#: Get iterator for OU nodes with optional recursion.

property accounts: List[Account]#: List of direct child accounts.

property org_units: List[OrganizationalUnit]#: List of direct child OUs.

property all_accounts: List[Account]#: List of all descendant accounts.

property all_org_units: List[OrganizationalUnit]#: List of all descendant OUs.

property accounts_names: List[str]#: List of direct child account names.

property org_units_names: List[str]#: List of direct child OU names.

property all_accounts_names: List[str]#: List of all descendant account names.

property all_org_units_names: List[str]#: List of all descendant OU names.

class aws_organizations.org_struct.OrgStructure(root: Node)[source]#

Abstraction of the AWS Organization structure.

It is a tree structure of Organization, OrganizationalUnit, and Account.

API:

self.root is the root node of the tree.
self.visualize() can visualize the tree.
for ou in self.root.iter_org_units(recursive=True): can iterate all OU.
for acc in self.root.iter_org_accounts(recursive=True): can iterate all Accounts.
self.is_x_in_y() can test if an account / ou is in an ou or org.

Example:

>>> from boto_session_manager import BotoSesManager
>>> bsm = BotoSesManager() # or BotoSesManager(profile_name="my-profile")
>>> org_struct = OrgStructure.get_org_structure(bsm)
>>> org_struct.visualize()
Root (ROOT 'r-hnp9')
├── app (Org Unit 'ou-hnp9-vq6m3h5y')
│   └── myorg-app-dev (Account '222222222222')
├── infra (Org Unit 'ou-hnp9-cxgi4leg')
│   └── myorg-infra (Account '333333333333')
├── sandbox (Org Unit 'ou-hnp9-r7cuoq1v')
├── ml (Org Unit 'ou-hnp9-s4uirmja')
│   ├── myorg-ml-dev (Account '444444444444')
│   ├── myorg-ml-staging (Account '555555555555')
│   └── myorg-ml-prod (Account '666666666666')
└── awshsh-root (Account '111111111111')

>>> org_struct.root.organization_or_account_or_organizational_unit
Organization(id='o-a1b2c3d4', arn='arn:aws:organizations::111122223333:organization/o-a1b2c3d4')
>>> org_struct.root.accounts
...
>>> org_struct.root.org_units
...
>>> org_struct.root.all_accounts
...
>>> org_struct.root.all_org_units
...

property root_id: str#: Get the organization’s root ID.

visualize() → str[source]#: Visualize the organization structure tree. It returns a string that can be printed.

to_csv_data() → Tuple[List[str], List[List[str]]][source]#: Generate CSV data representation.

to_csv(sep='\t') → str[source]#: Generate CSV string representation.

to_mermaid() → str[source]#: Generate Mermaid diagram representation.

get_node_by_id(id: str) → Node[source]#: Get a node by id. For Organization Unit, it’s the OU id. For Account, it’s the account id. (The Node.id attributes).

get_node_by_name(name: str) → Node[source]#: Get a node by name (The Node.name attributes).

is_x_in_y(x: Union[Node, Organization, OrganizationalUnit, Account, str], y: Union[Node, Organization, OrganizationalUnit, Account, str]) → bool[source]#: Test if an account / ou is in an ou or org.

classmethod get_org_structure(bsm: BotoSesManager) → OrgStructure[source]#

Get the root node of the organization structure tree.

This method recursively traverses the organization structure starting from the root, building a complete tree of OUs and accounts.

Parameters:: bsm – the boto session manager of any AWS Account that is in the desired organization, doesn’t have to be the management AWS Account (Root).

serialize() → dict[source]#

Serialize the organization structure tree to a dictionary.

You can save the dictionary to a file as a cache.

classmethod deserialize(data: dict) → OrgStructure[source]#: Deserialize the organization structure tree from a dictionary.