Skip to content

gabrielbac/aws_control_tower_manifest_builder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

92 Commits
.github
.github
 
 
docs
docs
 
 
src/aws_control_tower_manifest_builder
src/aws_control_tower_manifest_builder
 
 
tests
tests
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
AUTHORS.rst
AUTHORS.rst
 
 
CONTRIBUTING.rst
CONTRIBUTING.rst
 
 
HISTORY.rst
HISTORY.rst
 
 
LICENSE
LICENSE
 
 
MANIFEST.in
MANIFEST.in
 
 
Makefile
Makefile
 
 
Pipeline.drawio.png
Pipeline.drawio.png
 
 
README.rst
README.rst
 
 
requirements_dev.txt
requirements_dev.txt
 
 
setup.cfg
setup.cfg
 
 
setup.py
setup.py
 
 
tox.ini
tox.ini
 
 

Repository files navigation

AWS Control Tower Manifest Builder

Documentation Status

Python package to automatically build the AWS Control Tower Manifest given Cloud Formation templates and SCPs as input.

Features

Pipeline.drawio.png

Quick start

  1. Run pip install aws-control-tower-manifest-builder
  2. Download sample template and SCPs from S3 "Add link". Extract to directory
  3. Run aws_control_tower_manifest_builder --input-cf sample_templates --input-scp sample_scp --output output_manifest
    Note: the sample template includes incorrecly formatted templates.

For Developers - before pushing a branch

  1. Clone the repo
  2. make venv
  3. make black
  4. make lint
  5. make test
  6. make local-test

To bump version: 1. Update HISTORY.rst 2. git fetch to fetch all tags 3. make bump-<patch-minor-major> 4. Make a release in Github and add a tag.

  • Cloud Formation templates require a metadata section with the following info:
Metadata:
  manifest_parameters: # can be customized with --metadata-name
  name: detailed_template # Optional. Defaults to the file name. a-z, A-Z, 0-9, and "-"
  description: string # Required for SCPs
  deploy_method: stackset # Optional. All file in the template directory use "stackset" and in policy directory use "scp".
  accounts: ["123456789012", "987456123989"] # Requires "accounts" and/or "organizational_unit". If accounts is used, enforce only account
                                             # IDs with --enforce-account-number-only
  organizational_units: ["dev", "prod"] # Requires "accounts" and/or "organizational_unit".
  regions: ["us-east-1" , "us-east-2"] # Optional. Defaults to us-east-1.
  parameters: # Optional. List of parameters [SSM, Alfred, Values]
  - parameter_key: parameter1
    parameter_value: value1
  - parameter_key: parameter2
    parameter_value: value2
  export_outputs: # Optional. list of ssm parameters to store output values
  - name: /org/member/test-ssm/app-id
    value: $[output_ApplicationId]

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases 14

Adding quotes to accounts in the manifest file Latest
Feb 10, 2024
+ 13 releases

Packages

 
 
 

Contributors 2

  •  
  •  

Languages