#
Deploy StackSets
We deploy StackSets to all accounts under the active accounts OU. We do this so active accounts have some features that are important to have while the account is active but we make sure to delete them when the account is retired and moved to the retired OU.
#
Deploy Backup StackSet
Using the aws-cloudformation-templates repo, run the following command:
make AWS_PROFILE=staging-sso S3_BUCKET=jetrails-shared-assets-staging TEMPLATE=backup packageWe can now create the StackSet:
aws cloudformation create-stack-set \
--profile staging-sso \
--stack-set-name backup \
--template-url https://jetrails-shared-assets-staging.s3.amazonaws.com/cloudformation-templates/backup/backup-staging/backup.yml \
--permission-model SERVICE_MANAGED \
--capabilities CAPABILITY_NAMED_IAM \
--auto-deployment Enabled=true,RetainStacksOnAccountRemoval=falseNext, we can add the active OU to the deployment targets.
aws cloudformation create-stack-instances \
--profile staging-sso \
--stack-set-name backup \
--regions us-east-1 \
--deployment-targets OrganizationalUnitIds=ou-oezy-zmb0bkr6
#
Deploy CloudflarePrefixLists StackSet
Using the aws-cloudformation-templates repo, run the following command:
make AWS_PROFILE=staging-sso S3_BUCKET=jetrails-shared-assets-staging TEMPLATE=prefix-lists packageWe can now create the StackSet:
aws cloudformation create-stack-set \
--profile staging-sso \
--stack-set-name cloudflare-prefix-lists \
--template-url https://jetrails-shared-assets-staging.s3.amazonaws.com/cloudformation-templates/prefix-lists/prefix-lists-staging/prefix-lists.yml \
--permission-model SERVICE_MANAGED \
--capabilities CAPABILITY_NAMED_IAM \
--auto-deployment Enabled=true,RetainStacksOnAccountRemoval=falseNext, we can add the active OU to the deployment targets.
aws cloudformation create-stack-instances \
--profile staging-sso \
--stack-set-name cloudflare-prefix-lists \
--regions us-east-1 \
--deployment-targets OrganizationalUnitIds=ou-oezy-zmb0bkr6