Core VPC Environments Accounts Setup

Overview

The core-vpc AWS accounts are responsible for creating the core VPC resources in the VPC accounts.

Resource	Description
VPCs	Provides networking resources
VPC endpoints	Enables secure access to services without internet
RAM shares	Shares AWS resources across accounts securely
Transit Gateway connectivity	Provides scalable and flexible networking connections

Steps

1. Account Creation

Please note that aliases do not have a retention period. If an alias still exists under the same organizational unit, you cannot reuse the same alias. To prevent the alias from being recreated, you need to add the environment name to the skip alias local.

To initiate the account recreation process, go to the GitHub Actions page for the Modernisation Platform repository and trigger the new environment workflow. This workflow should detect that the account no longer exists and propose to recreate the account. As part of this process, it will also execute the baseline runs for the account.

2. Deploy The Core VPC Resources

To recreate the resources run the actions below in Github

• core-vpc-test-deployment
• core-vpc-development-deployment
• core-vpc-preproduction-deployment
• core-vpc-production-deployment

If a GitHub Actions deployment is not available the resources can be redeployed locally:

• Navigate to the modernisation-platform repo and change to the terraform/environments/core-vpc directory
• Using MP admin credentials, execute terraform apply from the core-vpc-$environment workspace

3. Verify Resources

• Log into AWS Console for the core-vpc-$environment account
• Verify that resources have been correctly provisioned:
  • Do VPCs exist with the correct configurations?
  • Verify that CloudTrail is configured to log API activity related to VPC changes and VPC Flow Logs.
  • Are VPC endpoints created for necessary services, and are they properly configured?
  • Are RAM shares properly established to share resources across accounts?
  • Is Transit Gateway connectivity correctly set up and functioning for all connected VPCs?

4. Notify Mod Platform Team

• Inform Modernisation Platform team of rebuild process
• Inform customers that account has been recreated

References

• Accessing the AWS Console
• Disaster Recovery Process

This page was last reviewed on 30 September 2024. It needs to be reviewed again on 30 March 2025 by the page owner #modernisation-platform .

This page was set to be reviewed before 30 March 2025 by the page owner #modernisation-platform. This might mean the content is out of date.