Skip to main content
Sponsor @cloudposse

FAQ

These are some of the most frequently asked questions by customers during our Kick Off calls.

What is the difference between a Service Discovery Domain and a Vanity Domain?

This is an extremely common question. Please see What is the difference between a Vanity and a Service Domain?

Do we have to use 1Password?

Yes, for Cloud Posse engagements we only uses 1Password to share secrets. You do not need to use 1Password internally, but Cloud Posse will need to use 1Password to transfer secrets to your team. You can either create your own 1Password Vault and add Cloud Posse as members or request that Cloud Posse create a temporary vault (free for you).

Do we have to create a new Organization?

Yes! We need this single root account to start a new AWS Organization. Cloud Posse will be terraforming your entire organization, creating 12-plus accounts, and doing everything from the ground up. We're responsible for configuring SSO, fine-grained IAM roles, and more. We'll need a net-new Organization, so we cannot jeopardize any of your current operations.

Once created, we will invite your team to join the new Organization.

How many email addresses do we need to create?

Only one email with + addressing is required. This email will be used to create your AWS accounts. For example, aws+%[email protected].

What is plus email addressing?

Plus email addressing, also known as plus addressing or subaddressing, is a feature offered by some email providers that allows users to create multiple variations of their email address by adding a "+" sign and a unique identifier after their username and before the "@" symbol.

For example, if the email address is "[email protected]", a user can create variations such as "[email protected]" or "[email protected]". Emails sent to these variations will still be delivered to the original email address, but the unique identifier can be used to filter or organize incoming emails.

How can we track progress?

We send status updates on Fridays via Slack! Or feel free to reach out anytime for an update.

Why are the initial Pull Requests so large?

The reason that these PRs are so large is because we are generating content for your entire infrastructure repository. A complete infrastructure set up requires dozens of components, each with Terraform modules, configuration, account setup, and documentation.

We've organized these full infrastructure configurations into "layers", which generally reflect the topics of the handoff calls. Specifically, these layers are typically: baseline, accounts, identity, network, spacelift, eks, monitoring, and data, as well as a few miscellaneous additions for smaller addons.

In order to deploy any given layer, we must create all content for that given layer. For example, eks adds 200+ files. These are all required to be able to deploy EKS, so we cannot make this PR smaller. However, as the foundation is built out, these PRs will naturally become small, as additional layers have fewer requirements.

Regarding your team's internal review, we do not intend for your team to be required to review these massive PRs. Cloud Posse internally reviews these PRs extensively to ensure that the final product works as intended. Once we're confident that we've deployed a given layer entirely, then we schedule the handoff calls. A handoff call is intended to explain a given topic and provide the opportunity for your team to review and provide feedback on any given layer, as well as answer other questions.

How can we customize our architecture?

Customizations are out of scope typically, but we can assess each on a case-by-case basis. You will learn your environment and be confident to make customizations on your own. Often we can deploy an example of the customization, but it's up to you to implement the full deployment

What if we need something that is out of scope of the SOW?

That will require a change order or adding another SOW for Professional services. Please reach out to Erik.