Skip to content
Lab materials and documentation for the workshop ARC325 Managing Multiple Accounts at Scale at re:Invent 2017
PowerShell
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github Initial Commit Nov 28, 2017
ADConfig Initial Commit Nov 28, 2017
CrossAccountManager Initial Commit Nov 28, 2017
LoggingDashboards Initial Commit Nov 28, 2017
docs Initial Commit Nov 28, 2017
images Initial Commit Nov 28, 2017
templates Updated dependency and default values in a template Dec 3, 2017
.gitignore Initial Commit Nov 28, 2017
CLI_Commands.txt Initial Commit Nov 28, 2017
LICENSE Initial Commit Nov 28, 2017
NOTICE Initial Commit Nov 28, 2017
README.md Updated dependency and default values in a template Dec 3, 2017
ResourcesList.txt Initial Commit Nov 28, 2017
SCPDenyRDS.json Initial Commit Nov 28, 2017

README.md

This workshop is designed for Architects, Developers and System Engineers who would like to design, build and manage multiple AWS accounts.

This workshop explains how to manage multiple AWS accounts following best practices using existing quick start guides and solutions.

Modules DependsOn Expected Time
Prerequisites N/A 5 Minutes
Create AWS Organization and sub accounts Prerequisites 10 Minutes
Prepare accounts for CloudFormation StackSet Create AWS Organization and sub accounts 10 Minutes
Configure Config and CloudTrail on all accounts Prepare accounts for CloudFormation StackSet 15 Minutes
Create Active Directory for SSO Prepare accounts for CloudFormation StackSet 5 Minutes
Configure Centralized Logging Configure Config and CloudTrail on all accounts 5 Minutes
Configure trust relationship between AD on EC2 and AD on DS Create Active Directory for SSO 15 Minutes
Deploy and Configure Cross Account Manager Configure trust relationship between AD on EC2 and AD on DS 20 Minutes
Enable and configure VPC Flow logs (Optional) Configure Centralized Logging 10 Minutes
Configure Logging Dashboard (Optional) Configure Centralized Logging and Enable and configure VPC Flow logs (if you want to have VPC Flow log dashboard) 5 Minutes
On-board a new account (Optional) Deploy and Configure Cross Account Manager 15 Minutes
Using Service Control Policies (Optional) Create AWS Organization and sub accounts 10 Minutes
You can’t perform that action at this time.