Skip to content

docs: deprecate account-map and related components #834

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
milldr wants to merge 17 commits into
base: master
Choose a base branch
from
Open

docs: deprecate account-map and related components #834

milldr wants to merge 17 commits into from

Conversation

@milldr
Copy link
Member

@milldr milldr commented Dec 8, 2025
edited
Loading

Summary

Deprecate account-map, aws-teams, aws-team-roles, and legacy GitHub Actions GitOps in favor of Atmos Auth, AWS SSO Permission Sets, Atmos Pro, and RunsOn.

Site Structure

 Getting Started/
 ├── Introduction
 ├── Quickstart (DIY)
 └── Jumpstart Customers

 Build Your Foundation/
 ├── Setup your project/
 │   ├── Create Repository
 │   ├── Toolbox
 │   ├── Design Decisions/
 │   └── Tutorials/
+│       └── Migrate from Account Map              # NEW - migration guide
 │
 ├── Manage Accounts/
 │   ├── Accounts (index)
 │   ├── Prepare AWS Organization
 │   ├── Initialize Terraform Backend
 │   ├── Deploy Accounts
+│   ├── Setup CloudTrail                         # NEW
-│   ├── Account Baseline                         # REMOVED
 │   ├── FAQ
 │   ├── Design Decisions/
 │   └── Tutorials/
-│       ├── Cold Start                           # REMOVED
-│       ├── Deprecated Cold Start Components     # REMOVED
-│       ├── Manual Configuration                 # REMOVED
+│       ├── Create Account Root Users            # NEW
+│       ├── Legacy Account Map                   # NEW - reference for migration
 │       ├── How to Add a New OU
 │       ├── How to Add or Mirror a Region
 │       ├── How to Adopt/Import Legacy Accounts
 │       ├── How to Create and Setup AWS Accounts
 │       ├── How to Create SuperAdmin User
 │       ├── How to Delete AWS Accounts
 │       ├── How to Manage Account Settings
 │       ├── How to Register Pristine AWS Root Account
 │       ├── How to Set Up AWS Email Notifications
 │       └── Terraform S3 State
 │
 ├── Identity and Authentication/
 │   ├── Identity (index)
 │   ├── Setup Identity Center (AWS SSO)
+│   ├── Centralize Root Access                   # NEW
 │   ├── Deploy IAM Roles
+│   ├── Configure Atmos Auth                     # NEW - replaces Leapp
 │   ├── Login to AWS
-│   ├── Centralized Terraform Access             # REMOVED
-│   ├── FAQ                                      # REMOVED
 │   ├── Design Decisions/
-│   ├── Docs/                                    # REMOVED folder
-│   │   ├── AWS Access Control Architecture
-│   │   ├── AWS Access Control Evolution
-│   │   ├── AWS Access Control
-│   │   ├── AWS Restricting Admin Access
-│   │   └── Dynamic Terraform Roles
-│   ├── Optional/                                # REMOVED folder
-│   │   └── AWS SAML
 │   └── Tutorials/
+│       ├── Access Control Evolution             # NEW (content from docs/)
+│       ├── AWS SAML                             # NEW (moved from optional/)
 │       ├── How to Setup SAML Login from Office 365
-│       ├── Expanding IAM Roles                  # REMOVED
-│       ├── How to Create a Delegated Role       # REMOVED
-│       ├── How to Easily Switch AWS Account Roles # REMOVED
-│       └── Leapp/                               # REMOVED folder
-│           ├── Leapp
-│           └── How to Setup Windows
 │
 └── Network and DNS/
     ├── Network (index)
     ├── Deploy VPCs
     ├── Connect Network (Transit Gateway)        # REWRITTEN
     ├── Access Network (VPN)
     ├── DNS Setup
     ├── FAQ
     └── Design Decisions/

 Set Up Your Platform/
 ├── Configure GitHub Actions/
 │   ├── GitHub Actions (index)
 │   ├── Design Decisions/
 │   ├── GitHub OIDC with AWS
 │   ├── Setup RunsOn                            # UPDATED - now primary option
+│   └── Tutorials/                              # NEW folder
+│       ├── Philips Labs Runners                # MOVED + deprecated notice
+│       └── EKS ARC Runners                     # MOVED + deprecated notice
-│   ├── Philips Labs GitHub Runners             # MOVED to tutorials/
-│   └── EKS GitHub Actions Controller           # MOVED to tutorials/
 │
 ├── Orchestrate Containers/
 │   ├── Use ECS/
 │   └── Use EKS/
 │
 └── Automate Terraform (Atmos Pro)/
     ├── Atmos Pro (index)
     ├── Setup Atmos Pro                         # REWRITTEN
+    ├── Deploy with Terraform                   # NEW (was in tutorials/)
+    ├── Drift Detection                         # NEW
     └── Tutorials/
-        ├── Deploy with Terraform               # MOVED up to main level
+        └── Migrate from GitHub Actions GitOps  # NEW

 Deploy Your Apps/
 ├── Provision Databases/
 └── Implement CI/CD (Software Delivery)/
     └── EKS with ArgoCD/

 Monitor Everything/
 ├── Implement Telemetry/
 │   ├── Datadog/
 │   └── Grafana/
 └── Security and Compliance/

 GitOps/                                         # ALL PAGES DEPRECATED
 ├── GitOps (index)                              # + deprecation notice
 ├── Setup                                       # + deprecation notice
 ├── Example Workflows                           # + deprecation notice
 └── FAQ                                         # + deprecation notice

Layer Changes Summary

Layer Added Removed Modified
Accounts setup-cloudtrail, tutorials/create-account-root-users, tutorials/legacy-account-map account-baseline, tutorials/cold-start, tutorials/deprecated-cold-start-components, tutorials/manual-configuration accounts, deploy-accounts, initialize-tfstate, prepare-aws-organization, faq, how-to-create-superadmin-user
Identity atmos-auth, centralized-root-access, tutorials/access-control-evolution, tutorials/aws-saml centralized-terraform-access, faq, docs/, optional/, tutorials/expanding-iam-roles, tutorials/how-to-create-delegated-role, tutorials/how-to-easily-switch-roles, tutorials/leapp/* identity, aws-sso, deploy, how-to-log-into-aws
Network - - connect-network (rewritten), access-network, deploy-vpcs, dns-setup
GitHub Actions tutorials/tutorials.mdx - runs-on, github-actions, design-decisions/decide-on-self-hosted-runner-architecture; MOVED: philips-labs-github-runners, eks-github-actions-controller → tutorials/
Atmos Pro deploy-with-terraform, drift-detection, tutorials/migrate-from-github-actions-gitops tutorials/deploy-with-terraform (moved up) atmos-pro, setup
GitOps - - All pages get deprecation notices
Project tutorials/migrate-from-account-map - toolbox

Workflow Snippets

Updated examples/snippets/stacks/workflows/quickstart/:

 quickstart/
 ├── app/
 │   ├── app-on-ecs.yaml
 │   └── app-on-eks-with-argocd.yaml
 ├── foundation/
 │   ├── accounts.yaml                           # UPDATED (merged baseline)
+│   ├── atmos-pro.yaml                          # NEW (renamed from gitops.yaml)
-│   ├── baseline.yaml                           # REMOVED (merged into accounts)
-│   ├── github.yaml                             # REMOVED (OIDC → identity)
-│   ├── gitops.yaml                             # RENAMED → atmos-pro.yaml
 │   ├── identity.yaml                           # UPDATED (added OIDC deployment)
+│   └── runs-on.yaml                            # NEW (runner deployment only)
 ├── monitor/
-│   └── compliance.yaml                         # RENAMED
+│   └── security-and-compliance.yaml            # RENAMED from compliance.yaml
+├── network/                                    # NEW folder
+│   └── network.yaml                            # MOVED from foundation/
-├── foundation/network.yaml                     # MOVED → network/network.yaml
 └── platform/
-    └── argocd.yaml                             # RENAMED
+    └── software-delivery.yaml                  # RENAMED from argocd.yaml

Why

  • Transition to Atmos Auth, AWS SSO Permission Sets, and Atmos Pro
  • Simplify IAM architecture by removing aws-teams/aws-team-roles
  • Better GitOps experience through Atmos Pro vs custom GitHub Actions
  • RunsOn provides simpler self-hosted runners without Kubernetes dependency
  • Workflow file naming aligns with docs site layer structure

References

@milldr milldr changed the title Deprecate account map docs: Add PRD for account-map deprecation documentation updates Dec 8, 2025
@milldr
docs: add deprecation notices and CLAUDE.md instructions for account-…
3e58475 
…map removal

- Add deprecation admonitions to legacy GitOps, Leapp, and identity pages
- Create stub pages for new architecture: atmos-auth, atmos-profiles, centralized-root-access, static-account-map, component-vendoring-mixins, migrate-from-account-map
- Add TODO comments tracking required updates across all affected pages
- Create CLAUDE.md with docs site instructions, content sources, and link fixing workflow
- Create .claude/skills for docs-conventions and docs-build
- Fix broken links to /layers/atmos-pro/ in gitops deprecation notices
- Update sidebars.js to remove GitOps from Automate Terraform section
- Add Phase 4 to aws-access-control-evolution.mdx documenting new architecture
@milldr
fix: preserve original content in aws-access-control-evolution.mdx, o…
c37aff1 
…nly add TODO
@milldr
major refactor to deprecate account-map etc
49b69a8
milldr
milldr commented Dec 10, 2025
View reviewed changes
milldr
milldr commented Dec 10, 2025
View reviewed changes
milldr
milldr commented Dec 10, 2025
View reviewed changes
@milldr milldr changed the title docs: Add PRD for account-map deprecation documentation updates docs: deprecate account-map and add Atmos Pro layer Dec 11, 2025
@milldr @claude
feat: restructure GitHub Actions layer with RunsOn as primary, update…
0bda750 
… workflow snippets

- Move legacy runners (Philips Labs, ARC) to tutorials/ subfolder
- Make RunsOn the recommended self-hosted runner option
- Update design decisions with RunsOn benefits
- Add Network Requirements section to runs-on.mdx
- Standardize "RunsOn" naming (no space)
- Rename workflow files: gitops→atmos-pro, github→runs-on, compliance→security-and-compliance, argocd→software-delivery
- Move network workflows to dedicated network/ folder
- Merge baseline workflows into accounts
- Update AtmosWorkflow fileName references across all docs
- Add redirects for moved pages

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@milldr milldr changed the title docs: deprecate account-map and add Atmos Pro layer docs: deprecate account-map, restructure GitHub Actions, update workflow naming Dec 12, 2025
@milldr milldr marked this pull request as ready for review December 12, 2025 17:20
@milldr milldr changed the title docs: deprecate account-map, restructure GitHub Actions, update workflow naming docs: deprecate account-map and related components Dec 12, 2025
@milldr milldr added the major label Dec 12, 2025
@milldr
chore: merge master into deprecate-account-map
2056c82 
# Conflicts:
#	examples/snippets/.github/workflows/atmos-pro-terraform-apply.yaml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

major

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@milldr