AWS CloudFormation template

To automate deployment, this solution uses the following AWS CloudFormation templates, which you can download before deployment:

To use the solution, you need to deploy the Admin template on an admin account and the Agent template on one or multiple monitored accounts. Only the accounts which are deployed with the Agent template can be monitored, which are also called monitored account.

If all your accounts are within AWS Organizations, you need to deploy the IT template on an IT account. The AWS organization root user needs to first register the IT account as a delegated administrator.

AWS Global Regions

• Template for Admin account with IdP (Admin template) in New VPC
• Template for Admin account With IdP (Admin template) in Existing VPC
• Template for Admin account With IdP (Admin template) in Only Private Subnets Existing VPC
• Template for Admin account (Admin template) in New VPC
• Template for Admin account (Admin template) in Existing VPC
• Template for Admin account (Admin template) in Only Private Subnets Existing VPC
• Template for Monitored account (Agent template)
• Template for IT account (IT template)

AWS China Regions

• Template for Admin account (Admin template) in New VPC
• Template for Admin account (Admin template) in Existing VPC
• Template for Monitored account (Agent template)
• Template for IT account (IT template)