Using Gruntwork's AWS Organization module before Reference Architecture deploy
I want to use Terraform to represent 100% of my infrastructure, including my AWS Organization. So, should I use this module, https://github.com/gruntwork-io/terraform-aws-security/tree/master/modules/aws-organizations, launched from my management account to create the Org? Also, should I keep the state files for this in the management account, and once my Organization and Reference Architecture are deployed, is it advisable to backfill my `infrastructure-live` with this Orgs root module or keep it separated? --- <ins datetime="2022-07-19T19:00:38Z"> <p><a href="https://support.gruntwork.io/hc/requests/109013">Tracked in ticket #109013</a></p> </ins>
> So, should I use this module, https://github.com/gruntwork-io/terraform-aws-security/tree/master/modules/aws-organizations, launched from my management account to create the Org? We recommend using the [account-baseline-root](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/master/modules/landingzone/account-baseline-root) module if you would like to manage everything in Terraform, including your AWS Organizations. > should I keep the state files for this in the management account As far as where to manage the state goes, we recommend keeping the state in the same account as where you are deploying. This means that the state for the management account should be in the management account. This avoids the cross account permissions overhead you have to configure on the S3 bucket. > once my Organization and Reference Architecture are deployed, is it advisable to backfill my infrastructure-live with this Orgs root module or keep it separated? We recommend keeping the root org code separate initially, and then migrate the code over to the `infrastructure-live` from the Reference Architecture once you have an understanding of how the code is organized and implemented. This way, you can copy the code in a way that adheres to the patterns of the Reference Architecture, keeping it consistent.