search

aws-solutions / aws-control-tower-customizations

The Customizations for AWS Control Tower solution combines AWS Control Tower and other highly-available, trusted AWS services to help customers more quickly set up a secure, multi-account AWS environment using AWS best practices.
https://docs.aws.amazon.com/controltower/latest/userguide/cfct-overview.html
Apache License 2.0
363 stars 205 forks source link

Support regions `all` #204

Open sigJoe opened 1 month ago

sigJoe commented 1 month ago

Is your feature request related to a problem? Please describe. I've got a few different things that I want deployed by CTC to every enabled region. Every time there's a new region it's frustrating to have to go and update the region list for each of them and cross-check to make sure none are missing. It would be nice to have a special string that enables deploy to every region.

Describe the feature you'd like

  - name: MyThing
    description: This thing goes to every region
    resource_file: my-thing-template.yaml
    deploy_method: stack_set
    parameters:
      - parameter_key: foo
        parameter_value: bar
    deployment_targets:
      organizational_units:
        - Production
    regions:
      - all_enabled # <-- This is the feature request

Additional context I imagine it would involve a bunch of extra querying and processing that you wouldn't want to do. I'd be satisfied with just assuming that every child account has the same regions enabled as the stackset account.

vinelias commented 1 month ago

That's a great idea! And it's not that complex, we just need a query to get a list of CT governed regions and replace the all_enabled with it.