How to Create AWS Org With Prod, PreProd, and Sandbox?

Introduction

In this guide, we will walk through the process of creating an AWS Organization with three accounts: Prod, PreProd, and Sandbox. We will use Pulumi, a modern infrastructure as code platform, to define and manage these resources. The key services involved include AWS Organizations and IAM for managing accounts and permissions.

Step-by-Step Explanation

Step 1: Set Up Pulumi

  1. Install the Pulumi CLI if you haven’t already:
    curl -fsSL https://get.pulumi.com | sh
    
  2. Log in to Pulumi:
    pulumi login
    
  3. Create a new Pulumi project:
    pulumi new aws-typescript
    

Step 2: Define AWS Organization and Accounts

  1. Open the index.ts file in your Pulumi project.
  2. Import the Pulumi SDK and the Pulumi AWS provider packages:
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
  3. Create the AWS Organization:
    const org = new aws.organizations.Organization("my-org", {
        featureSet: "ALL",
    });
    
  4. Create the Prod account:
    const prodAccount = new aws.organizations.Account("prod-account", {
        email: "prod@example.com",
        name: "Prod",
        roleName: "OrganizationAccountAccessRole",
        parentId: org.roots[0].id,
    });
    
  5. Create the PreProd account:
    const preProdAccount = new aws.organizations.Account("preprod-account", {
        email: "preprod@example.com",
        name: "PreProd",
        roleName: "OrganizationAccountAccessRole",
        parentId: org.roots[0].id,
    });
    
  6. Create the Sandbox account:
    const sandboxAccount = new aws.organizations.Account("sandbox-account", {
        email: "sandbox@example.com",
        name: "Sandbox",
        roleName: "OrganizationAccountAccessRole",
        parentId: org.roots[0].id,
    });
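
The `roleName` set in steps 4 to 6 names an IAM role that Organizations creates in each new account and that principals in the management account can assume. As an added example (not from the original guide or from Pulumi), the code below builds an identity policy for a management-account group that allows `sts:AssumeRole` into PreProd and Sandbox directly but into Prod only from an MFA-authenticated session. The account IDs are constructed samples, and `MemberAccount`, `roleArn` and `assumeRolePolicy` are hypothetical names.

```typescript
// Added example, not part of the original guide. Account IDs are constructed samples.
type Env = "Prod" | "PreProd" | "Sandbox";

interface MemberAccount {
    name: Env;
    accountId: string; // 12-digit AWS account ID
    roleName: string;  // same value as roleName on aws.organizations.Account
}

interface Statement {
    Sid: string;
    Effect: "Allow";
    Action: "sts:AssumeRole";
    Resource: string[];
    Condition?: { Bool: { "aws:MultiFactorAuthPresent": "true" } };
}

// ARN of the cross-account role that Organizations creates in a member account.
function roleArn(a: MemberAccount): string {
    if (!/^\d{12}$/.test(a.accountId)) {
        throw new Error("invalid account id for " + a.name + ": " + a.accountId);
    }
    return "arn:aws:iam::" + a.accountId + ":role/" + a.roleName;
}

// Identity policy for a management-account group: non-prod roles can be assumed
// directly, roles in mfaRequired environments only from an MFA-authenticated session.
function assumeRolePolicy(accounts: MemberAccount[], mfaRequired: Env[] = ["Prod"]) {
    const gated = accounts.filter(a => mfaRequired.indexOf(a.name) !== -1);
    const direct = accounts.filter(a => mfaRequired.indexOf(a.name) === -1);
    const statements: Statement[] = [];
    if (direct.length > 0) {
        statements.push({ Sid: "AssumeNonProd", Effect: "Allow",
            Action: "sts:AssumeRole", Resource: direct.map(roleArn) });
    }
    if (gated.length > 0) {
        statements.push({ Sid: "AssumeWithMfa", Effect: "Allow",
            Action: "sts:AssumeRole", Resource: gated.map(roleArn),
            Condition: { Bool: { "aws:MultiFactorAuthPresent": "true" } } });
    }
    return { Version: "2012-10-17", Statement: statements };
}

const sampleAccounts: MemberAccount[] = [
    { name: "Prod", accountId: "111111111111", roleName: "OrganizationAccountAccessRole" },
    { name: "PreProd", accountId: "222222222222", roleName: "OrganizationAccountAccessRole" },
    { name: "Sandbox", accountId: "333333333333", roleName: "OrganizationAccountAccessRole" },
];
console.log(JSON.stringify(assumeRolePolicy(sampleAccounts), null, 2));
```

In the Pulumi program, the real IDs would come from each account resource's `id` output, and the returned object would be serialized as the document of an IAM policy in the management account.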
    

Step 3: Deploy the Stack

  1. Preview the changes:
    pulumi preview
    
  2. Deploy the stack:
    pulumi up
    
  3. Confirm the deployment by typing yes when prompted.

Summary

In this guide, we created an AWS Organization with three accounts: Prod, PreProd, and Sandbox using Pulumi. We defined the organization and accounts in TypeScript and deployed them using the Pulumi CLI. This setup allows for structured and manageable AWS environments for different stages of development and production.

Full Code Example

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create the AWS Organization
const org = new aws.organizations.Organization("my-org", {
    featureSet: "ALL",
});

// Create the Prod account
const prodAccount = new aws.organizations.Account("prod-account", {
    email: "prod@example.com",
    name: "Prod",
    roleName: "OrganizationAccountAccessRole",
    parentId: org.roots[0].id,
});

// Create the PreProd account
const preProdAccount = new aws.organizations.Account("preprod-account", {
    email: "preprod@example.com",
    name: "PreProd",
    roleName: "OrganizationAccountAccessRole",
    parentId: org.roots[0].id,
});

// Create the Sandbox account
const sandboxAccount = new aws.organizations.Account("sandbox-account", {
    email: "sandbox@example.com",
    name: "Sandbox",
    roleName: "OrganizationAccountAccessRole",
    parentId: org.roots[0].id,
});
