aws-deployment-framework
terraform-aws-control_tower_account_factory
aws-deployment-framework | terraform-aws-control_tower_account_factory | |
---|---|---|
4 | 5 | |
636 | 590 | |
1.3% | 1.2% | |
8.3 | 4.8 | |
8 days ago | 9 days ago | |
Python | HCL | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
aws-deployment-framework
-
Sync AWS CodeCommit repositories
In some scenarios you might have the need to replicate an AWS CodeCommit repository. When I was setting up a test organization using AWS Deployment Framework (ADF) I ran into this myself. Because I want to test the deployment of my landing zone I needed to have a close replica. This includes the CodeCommit setup. But at the same time I did not want to change the development workflow. The workflow is pretty straight forward. You create a feature branch to work in. When you are ready you merge it to a development branch. When it needs to go to production you merge it into the main branch. So we will use the development branch to deploy to the test organization. But, because the test organization is a replica of production. Merging to the development branch would not have effect on the test organization. For this we need to synchronize the development branch to the test organization.
-
Testing your Landing Zone when using AWS Deployment Framework
Within AWS Organizations you can apply Service control policies (SCPs). All AWS Accounts under the OU (Organization Unit) with the SCP will be subjective to this SCP. What if you need to make a change in this SCP? How can you test this change? SCPs are not the only things you might want to test. Remember that I mentioned that ADF is also bootstrapping the accounts? That could be a VPC with subnets for networking. How do you ensure that the change that you made works as intended? When merging to your main branch. It will trigger a rollout process depending on your configuration.
-
Customising AWS Control Tower with CfCT
AWS Deployment Framework (ADF)
- CDK pipelines for managing AWS Organizations
terraform-aws-control_tower_account_factory
-
AFT: tu asistente personal en tus cuentas de AWS 🥶
Repos-AFT
-
Setup Account Factory for Terraform and enable default VPCs deletion (with bug fix on source code)
I have raise the issue in here, you can check it out. https://github.com/aws-ia/terraform-aws-control_tower_account_factory/issues/393
-
Flux vs Argo multi branch deployments, how would you do it?
We're separating terraform infra gitops repo and application gitops repo with argo and Crossplane by setting the respective IRSA security boundaries for AWS EKS using custom Control Tower AFT deployment and sharing the respective cross-account resources with AWS RAM, so every developer gets it's own isolated EKS cluster inside an isolated account - there's no IAM Role per Developer nonsense.
-
Customising AWS Control Tower with CfCT
Account Factory for Terraform
-
Open Up The Cloud Newsletter #29 (November Recap 2021)
Control Tower Account Factory For Terraform — Setting up an AWS organisation isn’t easy, and when you try doing that with Terraform, it’s not any easier! You need to decide on things like patterns for your backend / state management (e.g. how many backend locations you want, and which AWS accounts those backends will live), and you’ll need to hand-roll a load of tooling to get things to work. This new module is kinda AWS out-of-the-box in a Terraform module. However… the code module behind the announcement only has only two contributors 👀. That said, it is nice to see AWS supporting Terraform more heavily. Earlier this year, AWS announced they would invest in officially supported Terraform modules [1][2], which now live under a new GitHub organisation called “AWS Integration & Automation” [1]. The terraform modules announcement did come with some criticisms, though about the lack of engagement with existing open source folks before announcing the project [1].
What are some alternatives?
cookiecutter-django-ecs-github - Complete Walkthrough: Blue/Green Deployment to AWS ECS using Cookiecutter-Django using GitHub actions
aft-account-request
StackStorm - StackStorm (aka "IFTTT for Ops") is event-driven automation for auto-remediation, incident responses, troubleshooting, deployments, and more for DevOps and SREs. Includes rules engine, workflow, 160 integration packs with 6000+ actions (see https://exchange.stackstorm.org) and ChatOps. Installer at https://docs.stackstorm.com/install/index.html
awscon-onepager - đź“ť AWS Conferences One-Pagers [DEPRECATED]
superwerker - superwerker can help you get started with the AWS Cloud quickly without investing in consultants or devoting time to extensive research. superwerker is a free, open-source solution that lets you quickly set up an AWS Cloud environment following best practices for security and efficiency so you can focus on your core business.
aws-control-tower-customizations - The Customizations for AWS Control Tower solution combines AWS Control Tower and other highly-available, trusted AWS services to help customers more quickly set up a secure, multi-account AWS environment using AWS best practices.
aft-deployment - Code for calling AFT module to deploy AFT