Creates a base landing zone with logging account , security account and a dev account
-
AWS Account with organization enabled
-
and Trusted Access Enabled in AWS Cloudformation Stackset
-
Deploy the initialsetup.yaml in cloudformation, which will create a service catalog.
a) DefaultBaseline Product b) Security Account Build Product c) Log Account Build Product d) Dev Account Build Product e) Account Factory Product (For Future New Accounts)
-
After Initial setup, launch a log account product
-
After Log Account Product, launch Security account product
-
After Security launch Dev Account product
-
Atlast launch Default baseline product
Initially log and security account have a initial baseline which launches s3 bucket in log account, guardduty and Adminrole and readonly role in security account. And there is Default Account Baseline which is common for all accounts and it is deployed via stacksets to accounts in organization.
Make sure before initial setup upload all the files in your aws s3 bucket in the exact same order. Thank you