Repository contains CloudFormation templates and scripts to setup a baseline AWS account.
Steps to Deploy
- Open your web browser and login to your AWS Account.
- Click the button below to launch stack.
- Fill out parameters
| Stack | Deploy Link |
|---|---|
| Billing |  |
| CloudTrail | |
| AWS Config | |
| IAM Password Policy | |
The template configures CIS Level-1 compliant AWS Config resources for the AWS payer account
The template configures the Billing S3 bucket for the CUR files to meet CIS Level 1 benchmarks in the AWS payer account
The template configures CIS Level-1 compliant AWS Config resources for the AWS payer account
The following parameters are required in the deployment
| Parameter | Description | Default |
|---|---|---|
| Max Password Age | Age of the password in days before expiration | 90 |
| Minimum Password Length | Minimum length required for password to be | 14 |
| Password History | Number of previous passwords to remember | 24 |
| Require Lowercase Chars | Require at least one lowercase character | true |
| Require Numbers | Require at least one number | true |
| Require Symbols | Require at least one symbol | true |
| Require Uppercase Chars | Require at least one uppercase character | true |
The scripts are designed to run in the AWS CloudShell.
Note: This will delete all default VPCs in a new account
Run from the CloudShell in region to remove the default VPC. Script requires JQ to be installed.
curl -fsS https://raw.githubusercontent.com/grolston/aws-account-baseline/master/delete-default-vpc.sh | bash