[[Infrastructure-as-Code]] tool for [[AWS Organizations]].
## Who should use this?
Teams who want to provision [[AWS]] accounts using a standardised configuration and access control that is easy to update and maintain via configuration code files.
Particularly suited for [[Software services companies]] who build out [[AWS]] projects for their clients and for whom manual account setup is a relatively regular occurrence.
## Capabilities
- Automated creation of child accounts when starting a new project
- Provision [[AWS Route53|Route53]] subdomain hosted zones with a subdomain delegated to each environment account
- Provision wildcard SSL certificates in [[AWS ACM]]
- Create Budget Alerts based on threshold custom tag stored on each account
- Create cross-account [[AWS IAM|IAM]] roles, e.g. the roles that would be used by a [[AWS CodePipeline|CodePipeline]] pipeline in a `tools` account to deploy to dev/staging/prod accounts
See [full list of examples](https://github.com/org-formation/org-formation-cli/tree/master/examples)
---
## References
- https://github.com/org-formation/org-formation-cli
- [How to get started with OrgFormation · bahr.dev](https://bahr.dev/2022/02/07/org-formation/) by [[@Michael Bahr]]