Does Gruntwork require the AWS root account to set up cloud infrastructure in an organisation?

Answer

Dear Team, I have gone through the document to set up the [Reference Architecture](https://gruntwork.io/reference-architecture/). I have one concern about the setup: if Gruntwork would set up the [account baseline](https://docs.gruntwork.io/guides/build-it-yourself/landing-zone/deployment-walkthrough/configure-the-security-baseline-for-the-root-account/) or landing zone for the organization, does it require the AWS root account, or can we create another account under this root account? As we know, AWS does not recommend providing the root account for any services, and it could be a high security concern.

---

<ins datetime="2022-08-01T10:04:00Z">
<p><a href="https://support.gruntwork.io/hc/requests/109084">Tracked in ticket #109084</a></p>
</ins>

[r:terraform-aws-service-catalog](https://github.com/gruntwork-io/terraform-aws-service-catalog)

The command line tooling that we strongly recommend you use leverages your root account in order to create the necessary accounts under it, but does not make any changes to the root account itself. This is also done by you in your environment, and not by us. When the accounts are handed over to us for Reference Architecture provisioning, we can only access and modify the (usually six) accounts specific for the Reference Architecture, and cannot access your root account (or any other accounts under your root account). AWS doesn't permit you to create multiple levels of accounts, so you can't create an account under your root account and then create the reference architecture accounts under that account.