org-formation / org-formation-reference

A reference architecture which aims to provide some best practices for any AWS Organization starting out using org-formation.

Include a delegated build pipeline in the same account #6

Closed rene84 closed 3 years ago

rene84 commented 3 years ago

It's good practice to separate build pipelines and repositories into small units, while limiting the number of dependencies. This enables different groups of people (teams) to work more independently of each other.

The prescribed way of doing this in org-formation is to use delegated builds. Might as well add a delegated build (repo and pipeline) into the reference architecture so users of the reference architecture have a starting point and example of how to set up a delegated build.

This could initially be done within the same OrgBuild account, with documentation of how to set it up in other accounts and guidance on whether or not creating delegated builds within delegated builds is a good idea.

OlafConijn commented 3 years ago

Yes, I could think of two good examples:

  1. eventing, for things like breakglass, secinfo and access denied notifications
  2. compliance, with securityhub etc.

I would somehow imagine these to be in separate refarch repositories and to be deployed separately. Just like a starting point for your own delegated build.

org-formation init-build --main-build-account-id 111111111111 --template: git@github.com:org/repo.git