def bootstrap_spokes_in_ou(ou_path_or_id, role_name, iam_role_arns, permission_boundary): org_iam_role_arn = config.get_org_iam_role_arn() puppet_account_id = config.get_puppet_account_id() if org_iam_role_arn is None: click.echo('No org role set - not expanding') else: click.echo('Expanding using role: {}'.format(org_iam_role_arn)) with betterboto_client.CrossAccountClientContextManager( 'organizations', org_iam_role_arn, 'org-iam-role') as client: tasks = [] if ou_path_or_id.startswith('/'): ou_id = client.convert_path_to_ou(ou_path_or_id) else: ou_id = ou_path_or_id logging.info(f"ou_id is {ou_id}") response = client.list_children_nested(ParentId=ou_id, ChildType='ACCOUNT') for spoke in response: tasks.append( management_tasks.BootstrapSpokeAsTask( puppet_account_id=puppet_account_id, account_id=spoke.get('Id'), iam_role_arns=iam_role_arns, role_name=role_name, permission_boundary=permission_boundary, )) runner.run_tasks_for_bootstrap_spokes_in_ou(tasks)
def bootstrap_spokes_in_ou(ou_path_or_id, role_name, iam_role_arns, permission_boundary, num_workers=10): puppet_account_id = config.get_puppet_account_id() org_iam_role_arn = config.get_org_iam_role_arn(puppet_account_id) if org_iam_role_arn is None: click.echo("No org role set - not expanding") else: click.echo("Expanding using role: {}".format(org_iam_role_arn)) with betterboto_client.CrossAccountClientContextManager( "organizations", org_iam_role_arn, "org-iam-role") as client: tasks = [] if ou_path_or_id.startswith("/"): ou_id = client.convert_path_to_ou(ou_path_or_id) else: ou_id = ou_path_or_id logging.info(f"ou_id is {ou_id}") response = client.list_children_nested(ParentId=ou_id, ChildType="ACCOUNT") for spoke in response: tasks.append( management_tasks.BootstrapSpokeAsTask( puppet_account_id=puppet_account_id, account_id=spoke.get("Id"), iam_role_arns=iam_role_arns, role_name=role_name, permission_boundary=permission_boundary, )) runner.run_tasks_for_bootstrap_spokes_in_ou(tasks, num_workers)