https://github.com/grendel-consulting/cloud-factory-baseline

Global customisations used in the Account Factory for Terraform
https://github.com/grendel-consulting/cloud-factory-baseline

aft aws control-tower

Last synced: 20 days ago
JSON representation

Global customisations used in the Account Factory for Terraform

• Host: GitHub
• URL: https://github.com/grendel-consulting/cloud-factory-baseline
• Owner: grendel-consulting
• License: mit
• Created: 2023-04-07T09:27:45.000Z (about 3 years ago)
• Default Branch: main
• Last Pushed: 2025-03-09T07:51:32.000Z (over 1 year ago)
• Last Synced: 2025-03-09T08:25:55.818Z (over 1 year ago)
• Topics: aft, aws, control-tower
• Language: HCL
• Homepage:
• Size: 466 KB
• Stars: 0
• Watchers: 3
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • Contributing: .github/CONTRIBUTING.md
  • License: LICENSE
  • Codeowners: .github/CODEOWNERS
  • Security: .github/SECURITY.md
  • Support: .github/SUPPORT.md

Awesome Lists containing this project

README

          
# Cloud Factory (Global) Baseline

[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/grendel-consulting/cloud-factory-baseline/badge)](https://scorecard.dev/viewer/?uri=github.com/grendel-consulting/cloud-factory-baseline)

Definitions for use with the Account Factory for Terraform (AFT) framework. Global Customizations are used to customize **all** provisioned accounts with customer defined resources. The resources can be created through Terraform or through Python, leveraging the API helpers. The customization run is parameterized at runtime.

## Usage

### Terraform

You can see AFT-provided Jinja templates for the Terraform backend and providers. These are rendered at the time the Terraform is applied. Further providers can be defined by creating a `providers.tf` file, as needed.

Define your own Terraform resources, placing `.tf` files in the 'terraform' directory or as submodules to it.

### API Helpers

Define any scripts that need to run before/after Terraform using the bash entry points. You can extend these to run Python scripts or to perform other actions, such as leveraging the AWS CLI.

Within the `api_helpers/python` folder is a requirements.txt, where you can specify packages to be installed via PIP.

## Deployment

Deployment must presently be triggered manually - and should be across the whole AWS Organization - through [re-invoking an AWS Step Function](https://docs.aws.amazon.com/controltower/latest/userguide/aft-account-customization-options.html#aft-re-invoke-customizations) in the factory management OU.

## Further Reading

See: [AFT Global Customizations](https://github.com/aws-ia/terraform-aws-control_tower_account_factory/tree/main/sources/aft-customizations-repos/aft-global-customizations)