AWS Organization Terraform

This repository contains the Terraform configurations needed to manage a multi-account AWS organization and the various roles that will be used within the accounts.

At Liatrio, we used this as the foundation for our accounts. We created a private fork that contains the actual users and resources used in our accounts.

Related blog post: liatrio.com/secure-aws-account-structure

Be sure to modify shared.tfvars to customize for your organization.

Prerequisites

Terraform
Terragrunt
Keybase account (only required during initialization to get a secret key for the initial admin user)

Initialization

See the master folder for initial setup instructions the first time the organization is being created.

Post-Initialization

Future Terraform runs must be run by an IAM user in the Infosec account with the appropriate group assignment for the target account:

Infosec account: InfosecAdmins group
Prod account: ProdAdmins group
Non-Prod account: NonProdAdmins group

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
accounts		accounts
environments		environments
master		master
modules		modules
utility/one-time-login		utility/one-time-login
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
shared.tfvars		shared.tfvars
terraform.tfvars		terraform.tfvars

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

AWS Organization Terraform

Prerequisites

Initialization

Post-Initialization

About

Releases

Packages

Languages

License

tappleby/aws-accounts-terraform

Folders and files

Latest commit

History

Repository files navigation

AWS Organization Terraform

Prerequisites

Initialization

Post-Initialization

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages