Easy setup (#140)

* easy setup

* fix s3 bpa dead link

* fix rAWSControlTowerRole Arn output

* easy setup

* fix dead s3 link

* update readme links

* update readme links

Author: cyphronix

CHANGELOG.md

@@ -3,6 +3,7 @@
 ## Table of Contents<!-- omit in toc -->
 
 - [Introduction](#introduction)
+- [2023-05-05](#2023-05-05)
 - [2023-04-10](#2023-04-10)
 - [2023-01-19](#2023-01-19)
 - [2022-12-02](#2022-12-02)
@@ -34,12 +35,16 @@
 All notable changes to this project will be documented in this file.
 
 ---
+## 2023-05-05
+
+### Changed<!-- omit in toc -->
+
+- Added the [Easy Setup](aws_sra_examples/easy_setup) solution to enhance customer experience during deployment operations.
 ## 2023-04-10
 
 ### Changed<!-- omit in toc -->
 
 - Added NIST Security Standard to Security Hub solution [Security Hub Organization](aws_sra_examples/solutions/securityhub/securityhub_org)
----
 
 ## 2023-01-19
 
@@ -95,7 +100,7 @@ All notable changes to this project will be documented in this file.
 - [EC2 Default EBS Encryption](aws_sra_examples/solutions/ec2/ec2_default_ebs_encryption) solution updates:
   - Added DeadLetterConfig to the Lambda function.
   - Removed the checkov suppression for not having a DLQ configured.
-- [S3 Block Account Public Access](aws_sra_examples/solutions/s3_block_account_public_access) solution updates:
+- [S3 Block Account Public Access](aws_sra_examples/solutions/s3/s3_block_account_public_access) solution updates:
   - Removed the checkov suppression for not having a DLQ configured.
 
 ## 2022-05-15
@@ -112,7 +117,7 @@ All notable changes to this project will be documented in this file.
   - Added account and organization event support.
   - Added SNS fanout for configuring accounts to replace multi-threading.
   - Added Lambda environment variables to replace SSM parameter for configuration.
-- [S3 Block Account Public Access](aws_sra_examples/solutions/s3_block_account_public_access) solution updates:
+- [S3 Block Account Public Access](aws_sra_examples/solutions/s3/s3_block_account_public_access) solution updates:
   - Added account and organization event support.
   - Added SNS fanout for configuring accounts to replace multi-threading.
   - Added Lambda environment variables to replace SSM parameter for configuration.

README.md

@@ -7,8 +7,10 @@ Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. SPDX-License-
 ## Table of Contents<!-- omit in toc -->
 
 - [Introduction](#introduction)
-- [Getting Started with the SRA Code Examples](#getting-started-with-the-sra-code-examples)
-- [Quick Setup](#quick-setup)
+- [Getting Started Using the AWS SRA Easy Setup (Recommended)](#getting-started-using-the-aws-sra-easy-setup-recommended)
+  - [AWS SRA Easy Setup](#aws-sra-easy-setup)
+- [Manual Install Method For the AWS SRA](#manual-install-method-for-the-aws-sra)
+  - [AWS SRA Quick Setup](#aws-sra-quick-setup)
 - [Example Solutions](#example-solutions)
 - [Utils](#utils)
 - [Environment Setup](#environment-setup)
@@ -28,24 +30,48 @@ to modify and tailor these solutions to suit your environment and security needs
 
 The examples within this repository have been deployed and tested within an `AWS Control Tower` environment using `AWS CloudFormation` as well as the `Customizations for AWS Control Tower (CFCT)` solution.
 
-## Getting Started with the SRA Code Examples
+## Getting Started Using the AWS SRA Easy Setup (Recommended)
 
-![How to get started process diagram](./aws_sra_examples/docs/artifacts/where-to-start-process.png)
+![How to get started with the easy setup process diagram](./aws_sra_examples/docs/artifacts/easy-setup-process.png)
+
+1. Setup the environment to configure [AWS Control Tower](https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-with-control-tower.html) within a new or existing AWS account. Existing AWS Control Tower environments can also be used but may require existing service configurations to be removed.
+2. Choose a deployment method:
+   - AWS CloudFormation StackSets/Stacks - [CFN AWS SRA Easy Setup Implementation Details](./aws_sra_examples/easy_setup#cloudformation-implementation-instructions)
+     - See [AWS CloudFormation Documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html) for more information.
+   - Customizations for AWS Control Tower (CfCT) - [CfCT AWS SRA Easy Setup Implementation Details](./aws_sra_examples/easy_setup#customizations-for-control-tower-implementation-instructions)
+     - See [CfCT Documentation](https://aws.amazon.com/solutions/implementations/customizations-for-aws-control-tower/) for more information.
+3. If using CfCT, deploy the AWSControlTowerExecution role into the management account.
+4. Using parameters within the easy setup template file, choose which AWS SRA Solutions to deploy.  This can be done during initial setup or as an update later.
+
+For more information view the [AWS SRA Easy Setup](./aws_sra_examples/easy_setup) solution page.
+
+### AWS SRA Easy Setup
+
+Using the AWS SRA Easy Setup, the common prerequisites and all AWS SRA solutions are automatically packaged, staged, and deployed into your AWS environment with minimal effort.  This is the recommended method to install the AWS SRA code library because it reduces the likelihood of missing a step in the Manual install method.  If using this method to install the AWS SRA code library, there is no other process you need to follow.
+
+Follow the instructions in the [AWS SRA Easy Setup](./aws_sra_examples/easy_setup) solution page to install everything you need to get the AWS SRA code library and it's solutions deployed.
+
+## Manual Install Method For the AWS SRA
+
+![How to get started process diagram (manual install)](./aws_sra_examples/docs/artifacts/where-to-start-process.png)
 
 1. Setup the environment to configure [AWS Control Tower](https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-with-control-tower.html) within a new or existing AWS account. Existing AWS Control Tower environments can also be used but may require existing service configurations to be removed.
 2. Deploy the [Common Prerequisites](aws_sra_examples/solutions/common/common_prerequisites) solution. **Note:** This only needs to be done once for all the solutions.
 3. Choose a deployment method:
    - AWS CloudFormation StackSets/Stacks - [AWS Documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html)
-   - Customizations for AWS Control Tower (CFCT) - [Solution Documentation](https://aws.amazon.com/solutions/implementations/customizations-for-aws-control-tower/)
+   - Customizations for AWS Control Tower (CfCT) - [Solution Documentation](https://aws.amazon.com/solutions/implementations/customizations-for-aws-control-tower/)
 4. (Optional) - Deploy the [Customizations for AWS Control Tower (CFCT) Setup](aws_sra_examples/solutions/common/common_cfct_setup) solution. **Note** Only implement if the CFCT deployment method was selected.
-5. Per your requirements select one or all of the below [Example Solutions](#example-solutions) to implement via the selected deployment method.
+5. Per your requirements select one or all of the below [AWS SRA Solutions](#example-solutions) to implement via the selected deployment method.
+   -  You may use the `Quick Setup` to deploy the AWS SRA Solutions at this step.
 
-## Quick Setup
+### AWS SRA Quick Setup
 
-With the `Quick Setup` you can now deploy all the [Example Solutions](#example-solutions) listed in the below table via a single centralized CloudFormation template either directly within the CloudFormation console or via the Customizations for AWS Control Tower (CFCT) solution. Our testing within an environment that has the default AWS Control Tower setup (3 accounts and 1 region) resulted in deploying all the solutions within the `Quick Setup` in under 20 minutes.
+The `Quick Setup` can be used along with the manual install of the AWS SRA.  Once you have manually installed the common prerequisites, instead of installing each solution individually, you can deploy all the [Example Solutions](#example-solutions) listed in the below table via a single centralized CloudFormation template either directly within the CloudFormation console or via the Customizations for AWS Control Tower (CFCT) solution. Our testing within an environment that has the default AWS Control Tower setup (3 accounts and 1 region) resulted in deploying all the solutions within the `Quick Setup` in under 20 minutes.  
 
 Follow the instructions within the [Quick Setup](aws_sra_examples/quick_setup) to deploy all or a subset of the solutions based on your environment requirements.
 
+*Note: The `Quick Setup` is not designed to be used with the `Easy Setup` procedure.  Using them together may produce mixed results as we have not tested this.  It is recommended to use the `Easy Setup` process*
+
 ## Example Solutions
 
 - **Note:** All solutions below depend on the [Common Prerequisites](aws_sra_examples/solutions/common/common_prerequisites) solution in addition to the specified solutions within the `Depends On` column.