Skip to content

Commit

Permalink
Easy update (#207)
Browse files Browse the repository at this point in the history 
* add shield solution to easy setup

* add shield solution to easy setup

* mod easy setup

* minor easy setup update

* change codebuild retries

* minor easy setup update

* minor easy setup update

* update config module

* update main README
  • Loading branch information
@liamschn
liamschn authored Feb 23, 2024
1 parent f88c36c commit 55557a4
Show file tree
Hide file tree
Showing 4 changed files with 448 additions and 65 deletions.
3 changes: 2 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,7 @@ Please follow the instructions for SRA Terraform deployments in the [SRA Terrafo
| Example Solution | Solution Highlights | What does Control Tower provide? | Depends On |
| :---------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------------------------------------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [Account Alternate Contacts](aws_sra_examples/solutions/account/account_alternate_contacts) | Sets the billing, operations, and security alternate contacts for all accounts within the organization. | | |
| [AMI Bakery](aws_sra_examples/solutions/ami_bakery/ami_bakery_org) | Creates and configures an AMI image management pipeline. | | |
| [CloudTrail](aws_sra_examples/solutions/cloudtrail/cloudtrail_org) | Organization trail with defaults set to configure data events (e.g. S3 and Lambda) to avoid duplicating the Control Tower configured CloudTrail. Options for configuring management events. | CloudTrail enabled in each account with management events only. | |
| [Config Management Account](aws_sra_examples/solutions/config/config_management_account) | Enables AWS Config in the Management account to allow resource compliance monitoring. | Configures AWS Config in all accounts except for the Management account in each governed region. | <ul><li>AWS Control Tower</li></ul> |
| [Config Organization Aggregator](aws_sra_examples/solutions/config/config_aggregator_org) | **Not required for most Control Tower environments.** Deploy an Organization Config Aggregator to a delegated admin other than the Audit account. | Organization Config Aggregator in the Management account and Account Config Aggregator in the Audit account. | <ul><li>AWS Control Tower</li><li>[Common Register Delegated Administrator](aws_sra_examples/solutions/common/common_register_delegated_administrator)</li></ul> |
Expand All @@ -149,7 +150,7 @@ Please follow the instructions for SRA Terraform deployments in the [SRA Terrafo
| [Firewall Manager](aws_sra_examples/solutions/firewall_manager/firewall_manager_org) | Demonstrates configuring a security group policy and WAF policies for all accounts within an organization. | | |
| [GuardDuty](aws_sra_examples/solutions/guardduty/guardduty_org) | Configures GuardDuty within a delegated admin account for all accounts within an organization. | | |
| [IAM Access Analyzer](aws_sra_examples/solutions/iam/iam_access_analyzer) | Configures an organization analyzer within a delegated admin account and account level analyzer within each account. | | [Common Register Delegated Administrator](aws_sra_examples/solutions/common/common_register_delegated_administrator)</li></ul> |
| [IAM Account Password Policy](aws_sra_examples/solutions/iam/iam_password_policy) | Sets the account password policy for users to align with common compliance standards. | | |
| [IAM Account Password Policy](aws_sra_examples/solutions/iam/iam_password_policy) | Sets the account password policy for users to align with common compliance standards. | | |
| [Inspector](aws_sra_examples/solutions/inspector/inspector_org) | Configure Inspector within a delegated admin account for all accounts and governed regions within the organization. | | |
| [Macie](aws_sra_examples/solutions/macie/macie_org) | Configures Macie within a delegated admin account for all accounts within the organization. | | |
| [S3 Block Account Public Access](aws_sra_examples/solutions/s3/s3_block_account_public_access) | Configures the account-level S3 BPA settings for all accounts within the organization. | Configures S3 BPA settings on buckets created by Control Tower only. | <ul><li>AWS Control Tower</li></ul> |
Expand Down
Loading

0 comments on commit 55557a4

Please sign in to comment.