You can deploy {partner-product-short-name} in a customized AWS Control Tower environment to help you set up a secure, multi-account AWS environment using AWS best practices. For details, see Customizations for AWS Control Tower.
The root directory of the {partner-product-short-name} Quick Start repo includes a ct folder with a manifest.yaml file to assist you with the AWS Control Tower deployment. This file has been customized for the {partner-product-name} Quick Start.
In the following sections, you will review and update the settings in this file and then upload it to the S3 bucket that is used for the deployment.
-
Navigate to the root directory of the {partner-product-short-name} Quick Start, and open the
manifest.yamlfile, located in thectfolder. -
Confirm that the
regionattribute references the Region where AWS Control Tower is deployed. The default Region is us-east-1. You will update theregionsattribute (located in the resources section) in a later step. -
Confirm that the
resource_fileattribute points to the public S3 bucket for the {partner-product-name} Quick Start. Using a public S3 bucket ensures a consistent code base across the different deployment options.If you prefer to deploy from your own S3 bucket, update the path as needed.
-
Review each of the
parametersattributes and update them as needed to match the requirements of your deployment. -
Confirm that the
deployment_targetsattribute is configured for either your target accounts or organizational units (OUs). -
For the
regionsattribute, add the Region where you plan to deploy the {partner-product-short-name} Quick Start. The default Region is us-east-1.
-
Compress the
manifest.yamlfile and name itcustom-control-tower-configuration.zip. -
Upload the
custom-control-tower-configuration.zipfile to the S3 bucket that was created for the AWS Control Tower deployment (custom-control-tower-configuration-<accountnumber>-<region>).
The file upload initiates the customized pipeline that deploys the Quick Start to your target accounts.