Account Factory
Account Factory

Provision AWS accounts at the push of a button

Quickly and easily create AWS accounts and git repos for new projects and teams, complete with best-practice account baselines ready for production workloads.

Optimized For:
Book a DemoRead the Docs
Trusted by devops teams at

Speed up provisioning of new AWS accounts

Automate account creation and establish best-practice baselines that meet your teams' needs.

XSquare

Traditional ClickOps

Manual setup in the AWS console is time consuming, error prone, and inconsistent.

XSquare

Account Factory for Terraform

Battle with needless complexity only to achieve an incomplete solution.

CloudCheck

Gruntwork Account Factory

Streamline and automate the end-to-end process of creating and configuring new AWS accounts.

Capabilities

Provision new AWS accounts in a standardized, maintainable way

Give your teams the accounts, repos, baselines, configurations, and workflows they need to succeed, automatically.

AWS ACCOUNTS

Vend and baseline new AWS accounts

    Use GitOps. Create new AWS accounts by opening a Pull Request that calls a standard OpenTofu/Terraform module.
    Configure with code. Set your new AWS account's name, root email address, Organization Unit (OU), and even custom properties like tag values, all using code.
    Use AWS Control Tower. Use Gruntwork's OpenTofu/Terraform modules for AWS Control Tower, and then use the standard Control Tower UI to review account status, SCPs, and more.
Secure and compliant

Get tested, compliant AWS account baselines

    Achieve compliant baselines. Gruntwork IaC Library modules create new AWS accounts that meet the requirements of the CIS AWS Foundations Benchmark.
    Configure all the things. Account baseline configurations include IAM roles, SSO access, tagging policies, secure network configurations, and more.
    Assume a strong security posture. Automatically configure Amazon GuardDuty, Amazon Macie, AWS Config, AWS CloudTrail, and optionally AWS SecurityHub.
Terraform/OpenTofu

Use OpenTofu / Terraform modules

    Build with standards. Vend new AWS accounts that are nothing more than instances of standard OpenTofu/Terraform modules.
    Customize as needed. Because it's just code, you can customize your new AWS accounts to include whatever configuration you need.
    Get automatic updates. As Gruntwork releases new updates to underlying AWS account vending modules, stay up to date automatically using Gruntwork Patcher.
Team accounts

Stand up a single AWS account or an entire team

    Vend many accounts at once. With Account Factory Enterprise, you can vend a new set of AWS accounts as part of setting up a new team.
    Create git repos. As part of vending a new team, you can also create a new GitHub repo for them, all in the same chain of pull requests.
    Customize your teams. Need to configure complex customer accounts, or special items for new internal teams? Everything is just code and fully customizable.
Gruntwork and Terragrunt bring a level of robustness to your Terraform workflows that's hard to overstate. They effectively level up your infrastructure management, providing a solid foundation for complex deployments.
Matthew Brahms Headshot
Matthew BrahmsSenior Platform Engineer
Get started

Try a Proof of Concept

Take it for a spin with a month-to-month contract. Pay less on an annual plan once you’ve proven the value.

Book a DemoExplore pricing
Crossed Arms

Part of the Gruntwork DevOps Platform

Account Factory works seamlessly with other Gruntwork products.

IaC Library
IaC Library
Use battle-tested best practices.
Pipelines
Pipelines
Deploy infrastructure changes.
Patcher
Patcher
Keep infrastructure up to date.