Skip to content

truemark/harmony

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.github
.github
 
 
.idea
.idea
 
 
cdk
cdk
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
CODEOWNERS
CODEOWNERS
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package.json
package.json
 
 
pnpm-lock.yaml
pnpm-lock.yaml
 
 

Repository files navigation

Harmony

This projects contains TrueMark account and organization level automation.

Note that TrueMark's Observability pattern is deployed from Overwatch and not this repository.

Pre-requisites

  • AWS ControlTower is enabled
  • AWS SSO is enabled (must be in the same account as ControlTower)

Stacks

The following stacks make up Harmony.

Harmony Advanced

This stack deploys the following:

  • AccountFactory
  • Standard AWS Permission Sets for AWS SSO
  • Standard AWS Organization OUs
  • Standard set of Security Control Policies

Harmony Account

This stack deploys the following:

  • Roles for automation
  • Optional Roles for TrueMark access

Note that this stack should go into the same region as Harmony Advanced is deployed into.

Harmony Regional

This stack deploys the following:

  • Turning off AWS Config Rules that are not needed

Customer Specific Configurations

The following functionality is expected to be implemented in separate Terraform for CDK stacks on a per customer basis:

  • AWS SSO Configuration (SAML, etc)
  • Customer specific AWS SSO Permission Sets

About

No description, website, or topics provided.

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages