aws-deployment-framework
aws-control-tower-customizations
aws-deployment-framework | aws-control-tower-customizations | |
---|---|---|
4 | 3 | |
636 | 346 | |
1.3% | 0.9% | |
8.3 | 2.8 | |
8 days ago | about 2 months ago | |
Python | Python | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
aws-deployment-framework
-
Sync AWS CodeCommit repositories
In some scenarios you might have the need to replicate an AWS CodeCommit repository. When I was setting up a test organization using AWS Deployment Framework (ADF) I ran into this myself. Because I want to test the deployment of my landing zone I needed to have a close replica. This includes the CodeCommit setup. But at the same time I did not want to change the development workflow. The workflow is pretty straight forward. You create a feature branch to work in. When you are ready you merge it to a development branch. When it needs to go to production you merge it into the main branch. So we will use the development branch to deploy to the test organization. But, because the test organization is a replica of production. Merging to the development branch would not have effect on the test organization. For this we need to synchronize the development branch to the test organization.
-
Testing your Landing Zone when using AWS Deployment Framework
Within AWS Organizations you can apply Service control policies (SCPs). All AWS Accounts under the OU (Organization Unit) with the SCP will be subjective to this SCP. What if you need to make a change in this SCP? How can you test this change? SCPs are not the only things you might want to test. Remember that I mentioned that ADF is also bootstrapping the accounts? That could be a VPC with subnets for networking. How do you ensure that the change that you made works as intended? When merging to your main branch. It will trigger a rollout process depending on your configuration.
-
Customising AWS Control Tower with CfCT
AWS Deployment Framework (ADF)
- CDK pipelines for managing AWS Organizations
aws-control-tower-customizations
-
Setting up my own landing zone on AWS
For my landing zone I used the Customizations for AWS Control Tower (CfCt) project. When I created my landing zone the Landing Zone Accelerator was not yet available. I still need to evaluate if I can switch, but my initial concerns are the cost of running it. CfCt has low costs and depending on your usage it might even fit in the free tier. The Landing Zone Accelerator comes with VPCs and transit gateways and some other services that will generate costs regardless of what you are doing with the landing zone.
-
Customising AWS Control Tower with CfCT
The team at AWS that have developed the SRA utilised Customisations for Control Tower (CfCT) as the delivery mechanism for there customisations but since they don't maintain that solution itself, it's strongly recommended to check the current version of CfCT here prior to launching the CloudFormation Template.
- Cloudformation Multiple SCP's to different OU's
What are some alternatives?
cookiecutter-django-ecs-github - Complete Walkthrough: Blue/Green Deployment to AWS ECS using Cookiecutter-Django using GitHub actions
org-formation-cli - Better than landingzones!
StackStorm - StackStorm (aka "IFTTT for Ops") is event-driven automation for auto-remediation, incident responses, troubleshooting, deployments, and more for DevOps and SREs. Includes rules engine, workflow, 160 integration packs with 6000+ actions (see https://exchange.stackstorm.org) and ChatOps. Installer at https://docs.stackstorm.com/install/index.html
terraform-aws-control_tower_account_factory - AWS Control Tower Account Factory
superwerker - superwerker can help you get started with the AWS Cloud quickly without investing in consultants or devoting time to extensive research. superwerker is a free, open-source solution that lets you quickly set up an AWS Cloud environment following best practices for security and efficiency so you can focus on your core business.
aws-security-reference-architecture-examples - Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (including Customizations for AWS Control Tower) and Terraform.
ck - Collective Mind (CM) is a small, modular, cross-platform and decentralized workflow automation framework with a human-friendly interface and reusable automation recipes to make it easier to build, run, benchmark and optimize AI, ML and other applications and systems across diverse and continuously changing models, data, software and hardware
aws-lambda-git - This repository demonstrates how you can run the git binary. Inside an AWS Lambda function.