Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. SPDX-License-Identifier: CC-BY-SA-4.0
- Deploy the Customizations for AWS Control Tower Solution
- Required steps to deploy resources into the AWS Control Tower Management account (e.g. Management Account)
- Create an Organizational Unit (e.g. Management) for the Management account
- Review the Manage Accounts Through AWS Organizations documentation
- Move the Management account into the new Organizational Unit
- Create the AWSControlTowerExecution IAM role in the Management account
- Use the prereq-controltower-execution-role.yaml template to create a CloudFormation stack in the Management account.
- Create an Organizational Unit (e.g. Management) for the Management account
- Create an S3 bucket for the Lambda source code
- Use the prereq-lambda-s3-bucket.yaml template to create a CloudFormation StackSet in the Management account for each region that will deploy custom resources.
- Package the Lambda code and required libraries (e.g. solution/lambda/src) into a zip file and upload it to the Lambda source S3 bucket.
- Use the packaging script to download the required libraries, create a zip file, and upload it to a provided S3 bucket. Usage details are at the top of the script.
- (Optional) Create SSM parameters for the AWS Account IDs and AWS Organizations ID
- Use the prereq-ssm-account-params.yaml template to create a CloudFormation stack in the Management account.