Closed3
AWS Config Control Tower Management Account を試してみた
Hidekazu TanakaAWS Control Tower の管理アカウントでは AWS Config が有効にならないので、次のソリューションを試してみた。
Hidekazu Tanaka事前準備
1. Download and Stage the SRA Solutions.
ghq get https://github.com/aws-samples/aws-security-reference-architecture-examples.git
cd ~/src/github.com/aws-samples/aws-security-reference-architecture-examples
aws cloudformation deploy \
--template-file ./aws_sra_examples/solutions/common/common_prerequisites/templates/sra-common-prerequisites-staging-s3-bucket.yaml \
--stack-name sra-common-prerequisites-staging-s3-bucket \
--capabilities CAPABILITY_NAMED_IAM \
--profile master
sh ./aws_sra_examples/utils/packaging_scripts/stage_solution.sh --profile master
2. Verify that the SRA Prerequisites Solution has been deployed.
aws cloudformation deploy \
--template-file ./aws_sra_examples/solutions/common/common_prerequisites/templates/sra-common-prerequisites-management-account-parameters.yaml \
--stack-name sra-common-prerequisites-management-account-parameters \
--capabilities CAPABILITY_NAMED_IAM \
--profile master
aws cloudformation deploy \
--template-file ./aws_sra_examples/solutions/common/common_prerequisites/templates/sra-common-prerequisites-main-ssm.yaml \
--stack-name sra-common-prerequisites-main-ssm \
--capabilities CAPABILITY_NAMED_IAM \
--profile master
デプロイ
aws cloudformation deploy \
--template-file ./aws_sra_examples/solutions/config/config_management_account/templates/sra-config-management-account-main-ssm.yaml \
--stack-name sra-config-management-account-main-ssm \
--capabilities CAPABILITY_NAMED_IAM \
--profile master
このスクラップは2ヶ月前にクローズされました