Welcome to the AWS CloudFormation Starter Kit, designed to streamline your infrastructure setup using CloudFormation templates and the Rain tool. This repository provides a structured approach to managing your AWS resources as code, ensuring efficient and reliable deployments.
Tip
Towards the Cloud runs the AWS foundation for modern product teams. This means your team ships faster, slashes AWS spend, and stays audit-ready without having to hire a platform squad.
Unsure where to start? Book a free AWS Account Review. We’ll analyse your AWS environment, hand you a security & cost report, and you decide whether to act on it yourself or have us execute. No pressure, no retainer required up front.
☁️ See how we turn AWS chaos into a compliant, cost-efficient platform…
Ad‑hoc builds become 40–60% overspend, unmonitored security gaps put customer data at risk, and engineers burn out running infrastructure instead of shipping products.
- ✅ Compliant Landing Zone – Multi-account AWS CDK deployment with 100% CIS benchmark coverage, centralized logging, and SSO-ready access control.
- ✅ Production-ready CDK components – Pre-hardened building blocks so teams launch new services without reinventing best practices.
- ✅ CI/CD with safe rollbacks – GitOps workflows and governed pipelines that let you release faster with confidence.
- ✅ Quarterly cost & security reviews – Cost Optimisation plus Security Reviews delivered proactively.
- ✅ Fractional Cloud Engineer – On-demand expertise from an architect who implemented enterprise-grade AWS infrastructure for over a decade.
- 30%+ lower AWS bill – Continuous oversight prevents expensive drift (30–60% documented savings).
- SOC 2 / HIPAA acceleration – Guardrails, logging, and evidence packs ready on day one.
- Audit-ready every quarter – Automated monitoring plus recurring reviews keep findings under control.
- Faster product velocity – Engineers build features instead of managing infrastructure.
- Headcount leverage – A flexible retainer replaces the cost of a full-time platform team.
Proof: Y Combinator startup Accolade used our Landing Zone to earn SOC 2 in record time:
“We achieved a perfect security score in days, not months.” — Galen Simmons, CEO
Ready to see where your AWS account stands? Grab a spot while they’re available:
- ⚡ One-Command Setup: A single bootstrap script automatically generates environment-specific parameter files, configures GitHub Actions workflows, and sets up OIDC authentication—getting you production-ready in minutes.
- 🔒 Secure Deployments: Deploy CloudFormation stacks securely via OIDC-authenticated GitHub Actions—no long-lived AWS credentials needed.
- 🤖 Pre-Commit Validation: Templates are scanned with cfn-lint and Checkov before deployment to catch security issues and AWS best practice violations early.
- 🌐 Multi-Environment Support: Separate parameter files for dev, staging, and production environments with isolated deployment workflows.
- 🚀 Automated CI/CD: Push to main and watch your infrastructure deploy automatically with full validation and rollback capabilities.
This project requires Python 3 and pip for managing dependencies.
To get started, follow these steps:
- Click the green "Use this template" button to create a new repository based on this starter kit.
- Install checkov, cfn-lint via pip & rain via homebrew:

  ```bash
  brew install rain
  pip install -r requirements.txt
  ```

- Run the `provision-repo.sh` script to generate the parameter and workflow files for your environment:

  ```bash
  ./scripts/provision-repo.sh
  ```

- Validate your CloudFormation templates:

  ```bash
  ./scripts/validate.sh
  ```

- Deploy the oidc-provider CloudFormation stack:

  ```bash
  ./scripts/deploy-templates.sh
  ```

  Warning

  Make sure that you have the required IAM role or user set up in your AWS config file. Use a tool such as Granted to make accessing your AWS account via the CLI easier and more secure.
- Navigate to your repository's settings on GitHub and configure the Actions variables as shown below:
You can now deploy your CloudFormation stacks by committing changes to the main branch.
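Once the oidc-provider stack is deployed, it is worth confirming that the deploy role's trust policy pins the GitHub OIDC `sub` claim to this repository rather than to any repository. The checker below is an added example, not code from the starter kit; the policies, the account ID `111122223333` and the repository `example-org/example-repo` are constructed, and the kit's own template may differ.

```python
# Added example: audit a role trust policy for GitHub Actions OIDC scoping.
ISSUER = "token.actions.githubusercontent.com"

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy, repo):
    """Return findings for GitHub OIDC statements; [] means scoped to `repo`."""
    findings = []
    for stmt in as_list(policy["Statement"]):
        federated = as_list(stmt.get("Principal", {}).get("Federated", []))
        if stmt.get("Effect") != "Allow" or not any(
                arn.endswith("oidc-provider/" + ISSUER) for arn in federated):
            continue  # not a GitHub OIDC trust statement
        aud, sub = [], []
        for operator, block in stmt.get("Condition", {}).items():
            for key, values in block.items():
                claim = key.lower()  # condition key names are case-insensitive
                if claim == ISSUER + ":aud" and operator == "StringEquals":
                    aud += as_list(values)
                elif claim == ISSUER + ":sub" and operator in ("StringEquals", "StringLike"):
                    sub += as_list(values)
        if aud != ["sts.amazonaws.com"]:
            findings.append("aud not pinned to sts.amazonaws.com")
        if not sub:
            findings.append("no sub condition: any GitHub repository can assume the role")
        # The fixed prefix must name this repository; wildcards may only follow it.
        for pattern in sub:
            if not pattern.startswith("repo:" + repo + ":"):
                findings.append("sub pattern not limited to " + repo + ": " + pattern)
    return findings

def make_policy(condition):
    """Build a constructed trust policy (placeholder account ID) around `condition`."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": "sts:AssumeRoleWithWebIdentity",
        "Principal": {"Federated": "arn:aws:iam::111122223333:oidc-provider/" + ISSUER},
        "Condition": condition}]}

# Constructed samples: a weak policy next to one pinned to a repository's main branch.
WEAK = make_policy({"StringEquals": {ISSUER + ":aud": "sts.amazonaws.com"},
                    "StringLike": {ISSUER + ":sub": "repo:*"}})
SCOPED = make_policy({"StringEquals": {
    ISSUER + ":aud": "sts.amazonaws.com",
    ISSUER + ":sub": "repo:example-org/example-repo:ref:refs/heads/main"}})

if __name__ == "__main__":
    for name, policy in (("WEAK", WEAK), ("SCOPED", SCOPED)):
        print(name, audit_trust_policy(policy, "example-org/example-repo") or "ok")
```

To check a live role, pass in the `AssumeRolePolicyDocument` returned by `aws iam get-role` in place of the constructed samples.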
For complete details on how this starter kit works, advanced configuration options, and best practices, visit the official documentation:
Looking for a more modern approach to managing your AWS infrastructure? Consider using the AWS CDK Starter Kit for a tailored experience that leverages the full power of AWS CDK with TypeScript.
Special thanks to the creators of Rain, Checkov, and cfn-lint for their invaluable tools that make infrastructure management easier and more secure.

