DEV Community

Michael Rowlinson

Diagram AWS Org Accounts

Repo for code

Many enterprises in AWS are leveraging AWS Organizations and AWS SSO for central management of accounts and access.

In larger organizations with many accounts, it can require a lot of clicking to figure out what the applied SCPs and permission sets are for a given account.

Enter aws-org-mapper.

This simple Python script collects information from both the Organizations and SSO services and produces an HTML document that contains a diagram for each account. Each account diagram shows the associated OUs, SCPs, and permission sets.

Diagramming courtesy of Mermaid JS
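To make the per-account diagram concrete, here is an added sketch (not code from the aws-org-mapper repo) that walks an account's parent chain and emits Mermaid text showing the OUs, the SCPs attached at each level, and the permission sets. The account ID, names, policies and the flattened data layout are constructed for illustration; the boto3 calls named in the comment are an assumption about where such data would come from.

```python
import re

# Constructed sample data (made-up names and IDs): a flattened stand-in for
# what organizations.list_parents / list_policies_for_target and
# sso-admin.list_permission_sets_provisioned_to_account would supply (assumed).
PARENTS = {"111111111111": "ou-prod", "ou-prod": "ou-workloads",
           "ou-workloads": "r-root"}
NAMES = {"111111111111": "payments-prod", "ou-prod": "Prod",
         "ou-workloads": "Workloads", "r-root": "Root"}
SCPS = {"r-root": ["FullAWSAccess"], "ou-workloads": ["DenyLeaveOrg"],
        "ou-prod": ['Deny "non-EU" regions']}
PERMISSION_SETS = {"111111111111": ["ReadOnly", "BreakGlassAdmin"]}


def ancestry(account_id):
    """Return [root, ..., parent OU, account]; SCPs at every level apply."""
    chain = [account_id]
    while chain[-1] in PARENTS:
        if PARENTS[chain[-1]] in chain:  # malformed (cyclic) parent map
            raise ValueError("cycle in parent map")
        chain.append(PARENTS[chain[-1]])
    return chain[::-1]


def inherited_scps(account_id):
    """Every (level, SCP) pair that constrains the account, root first."""
    return [(NAMES[t], s) for t in ancestry(account_id) for s in SCPS.get(t, [])]


def nid(prefix, text):
    """Mermaid node ids must be plain tokens; the label carries the name."""
    return prefix + "_" + re.sub(r"\W", "_", text)


def label(text):
    """Quote the label; a raw double quote would end it early."""
    return '"' + text.replace('"', "#quot;") + '"'


def account_diagram(account_id):
    chain = ancestry(account_id)
    out = ["graph TD"]
    for t in chain:
        out.append(f"    {nid('t', t)}[{label(NAMES[t])}]")
        for s in SCPS.get(t, []):
            out.append(f"    {nid('scp', s)}({label('SCP: ' + s)}) -.-> {nid('t', t)}")
    out += [f"    {nid('t', p)} --> {nid('t', c)}" for p, c in zip(chain, chain[1:])]
    for ps in PERMISSION_SETS.get(account_id, []):
        out.append(f"    {nid('ps', ps)}[[{label('Permission set: ' + ps)}]] --> {nid('t', account_id)}")
    return "\n".join(out)


if __name__ == "__main__":
    print(account_diagram("111111111111"))
```

The diagram draws SCPs from the root, each parent OU and the account itself, because an account is constrained by the policies attached at every level above it, not only those attached directly.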

To get started:

  1. Clone down the repo
  2. Ensure you have Python 3.8+ and boto3 installed
  3. Ensure AWS credentials are available
  4. Execute the script: python aws-org-mapper.py
  5. Open the aws-org-mapper.html file generated in the directory

Thanks for reading. Peace!
