Removed SCP removal from accounts (#711)

Co-authored-by: Charlie Llewellyn <cjl@amazon.co.uk>
Co-authored-by: Brian969 <56414362+Brian969@users.noreply.github.com>

Author: 3 people

src/core/runtime/src/add-scp-step.ts

@@ -84,11 +84,12 @@ export const handler = async (input: AddScpInput) => {
   const acceleratorOuIds = organizationalUnits.map(ou => ou.ouId);
   const acceleratorAccountIds = accounts.map(a => a.id);
   const acceleratorTargetIds = [...rootIds, ...acceleratorOuIds, ...acceleratorAccountIds];
+  const acceleratorTargetOuIds = [...rootIds, ...acceleratorOuIds];
 
   // Detach non-Accelerator policies from Accelerator accounts
   await scps.detachPoliciesFromTargets({
     policyNamesToKeep: acceleratorPolicyNames,
-    policyTargetIdsToInclude: acceleratorTargetIds,
+    policyTargetIdsToInclude: acceleratorTargetOuIds,
   });
 
   await scps.attachFullAwsAccessPolicyToTargets({