Mandatory upgrade steps Highly recommended upgrade steps

Manifest version upgrades

For information about the latest version of Customizations for AWS Control Tower (CfCT), see the CHANGELOG.md file in the GitHub repository.

Warning

Version 2.2.0 of Customizations for AWS Control Tower (CfCT) introduced a manifest schema (version 2021-03-15) to align with related AWS service APIs. The manifest schema allows a single manifest.yaml file to manages supported resources (AWS CloudFormation templates and SCPs) through decoupled DevOps workflows.

We strongly recommend that you update the manifest schema from version 2020-01-01 to version 2021-03-15 or later.

CfCT continues to support version 2021-03-15 and 2020-01-01 of the manifest.yaml file. No changes to your existing configuration are required. However, version 2020-01-01 is at End of Support. We no longer provide updates or add enhancements to version 2020-01-01. The Root OU and nested OU features aren't supported in version 2020-01-01.

Deprecated properties in manifest version 2021-03-15:


organization_policies
policy_file
apply_to_accounts_in_ou

cloudformation_resources
template_file
deploy_to_account
deploy_to_ou
ssm_parameters

Mandatory upgrade steps

When you upgrade to the manifest schema version 2021-03-15 version, here are the changes you must make to update your files. The next sections outline mandatory and recommended changes for the transition.

Organizations polices

Move the SCPs under organization_policies under new property resources.
Change the policy_file property to new property resource_file.
Change the apply_to_accounts_in_ou to new property deployment_targets. The OU list should be defined under sub-property organizational_units. The accounts sub-property is not supported for organizations policies.
Add a new property deploy_method with the value scp.

AWS CloudFormation resources

Move the CloudFormation resources under cloudformation_resources under new property resources.
Change the template_file property to new property resource_file.
Change the deploy_to_ou to new property deployment_targets. The OU list should be defined under sub-property organizational_units.
Change the deploy_to_accounts to new property deployment_targets. The account list should be defined under sub-property accounts.
Change the ssm_parameters property to new property export_outputs.

Highly recommended upgrade steps

AWS CloudFormation parameters

Change the parameter_file property to new property parameters.
Remove the file path in the value of the parameter_file property.
Copy the parameter key and parameter value from the existing parameter JSON file into the new format for the parameters property. This would help you manage them in the manifest file.

Note

The parameter_file property is supported in manifest version 2021-03-15.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

The ‘alfred’ helper and the AWS CloudFormation parameter files

Networking