- organization
- organization tasks
- budget alarms
- cloudtrail
- guardduty
- subdomains
- cross account bucket
- cross account role
- cross account role with alarm
- cross account secret
- cross account lambda
- wildcard certs (2 regions)
- custom account creation workflow
Basic organization that demonstrates most of the IaC features for AWS Organizations: organization.yml
Basic taskfile that contains all examples below: organization-tasks.yml. Includes another taskfile organization-iam-tasks.yml which contains roles.
Basic example on how to create budget alarms based on tags that are defined on the account.
Example on how to do a basic CloudTrail implementation. Demonstrates cross account references.
Example on how to do a basic GuardDuty implementation. Demonstrates cross account references / ForeachElement / DependsOnAccount.
Example on how to provision Route 53 subdomains for all accounts within your organization based on a tag, including a root hosted zone in the organization master account.
Reusable template to do cross account access to S3 bucket.
templates/cross-account-bucket.yml
Reusable template to do cross account IAM roles.
templates/cross-account-role.yml
Reusable template to do cross account IAM roles with an alarm (based on CloudTrail).
templates/cross-account-role-with-alarm.yml
Reusable template to do cross account Secrets Manager secrets.
templates/cross-account-secret.yml
Reusable template to do cross account Lambda functions. Assumes the Lambda is deployed by another means (Serverless? SAM?).
templates/cross-account-lambda.yml
Template that demonstrates provisioning wildcard certificates in both us-east-1 and another region while having the ARNs of these certificates stored locally in SSM.
Serverless project that demonstrates how to customize and extend the account creation process using CloudWatch / EventBridge event rules and Step Functions.