Added more concrete steps to the Getting Started Guide

Author: Christi Miller

GETTING_STARTED.md

@@ -1,36 +1,71 @@
-# TODO -- Write a more cohesive overview. 
-Deploying Flightdeck involves a series of steps, starting from setting up your AWS environment to deploying specific modules. Here's a high-level tutorial:
+## Overview
+The Flightdeck platform is a containerized runtime environment built on top of popular cloud services including security, CI/CD, and scalability features.  Deploying the Flightdeck platform involves a series of steps as prerequisites, as well as steps to deploy the platform itself.  This guide walks through the end-to-end vanilla deployment.
 
-## Prerequisites
-    AWS Account: Ensure you have an AWS account with appropriate permissions.
-    Install Required Tools: Terraform, AWS CLI, and kubectl should be installed on your local machine.
+For new or existing projects, especially ones that have PII data (think health and financial services) Flightdeck provides a powerful, enterprise ready platform to begin building or migrating enterprise-grade applications.  Flightdeck has already been used for many in education, health, and financial industries just to name a few.
 
-# TODO -- these steps are an example of format.
-## Step 1: Network Setup
+This guide walks through a linear process of deployment based on the (AWS Platform Guide)[https://thoughtbot.atlassian.net/wiki/spaces/APG/overview].  It is highly recommended to read through each relevant section to understand the nuances of the steps this tutorial outlines.
 
-    Deploy Network Module: Use the Flightdeck network module to set up your VPC, subnets, and other network-related configurations. This is a foundational step before deploying an EKS cluster.
-        Module: Flightdeck provides a network module for this purpose.
+## Steps
+* (Platform Dependencies)[https://thoughtbot.atlassian.net/wiki/spaces/MC/pages/104824833/Platform+Dependencies].
+* Create email groups for AWS root users.
+* Create source code repositories -- for details on the repos needed, see (Repository Conventions)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/10649919].
+* Create password vault.
+* Create management AWS account.
+* Register or delegate domains.
+* (Launch Control Tower)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/11239471].
+* (Launch Customizations for Control Tower)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/86999041].
+* (Set up accounts)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/11173895].
+* (Configure Single Sign On)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/86933512].
+* Create email groups for permission sets.
+* Configure SAML for SSO.
+* Configure SCIM for SSO.
+* Configure DNS for domains.
+* Continuous Integration and Deployment (CI/CD) for infrastructure
+* (Provision Platform Resources)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/11304961/Install]
+* Create users for developers.
+* Define infrastructure for first application.
+* Implement CI/CD for first application.
+* Define SLO agreement.
+* Define high level policies for security and compliance.
+* Discuss backup and disaster recovery plan.
+* Implement SRE infrastructure.
+* Implement automated policies for security and compliance.
+* Implement centralized backup and recovery.
 
-Step 2: EKS Cluster Setup
+## Details
 
-    Create EKS Cluster: You'll need to manually set up an EKS cluster as Flightdeck does not provide a direct module for this.
-        Module: Use a Terraform module from the Terraform Registry, such as terraform-aws-modules/eks/aws, for creating the EKS cluster.
+### Platform Dependencies
+The Landing Zone is the start URL for users to access the organization's AWS accounts.
 
-Step 3: Deploying Flightdeck Modules
+Flightdeck uses (Control Tower)[https://aws.amazon.com/controltower/] to build a Landing Zone implementing security best practices and reliable workload isolation. This provides a quick starting point for a multi-account setup while still allowing for significant customization and expansion later.
+Rather than managing individual IAM users, it is suggested to use (AWS SSO)[https://aws.amazon.com/single-sign-on/] to manage users centrally and integrate with existing identity stores like a Google or Microsoft user directory.
 
-    Platform Setup: Once the network and EKS cluster are in place, use various Flightdeck modules to deploy and configure your Kubernetes environment.
-        Modules: Flightdeck includes modules for different platform components (like ingress, monitoring, etc.). Deploy these modules as per your requirements.
+Flightdeck also uses (Customizations for Control Tower)[https://aws.amazon.com/solutions/implementations/customizations-for-aws-control-tower/] to configure (account baselines)[https://docs.aws.amazon.com/controltower/latest/userguide/terminology.html] and deploy (service control policies)[https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html].
+ 
+### Accounts and Network
+In order to fully deploy the Flightdeck platform, it is recommended to set up the (conventional accounts)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/10649900] in addition to the standard accounts using the (landing zone repository template)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/14680065]. It may take some time for all the required accounts to be provisioned. Once all the accounts are fully enrolled, next step is to create (VPC networks)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/11304982].
+In the (infrastructure repository)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/10649919] for the organization create Terraform root modules for managing VPCs and related networking resources. Diagrams of the network and account structure can be provided to security teams for compliance framework purposes.
 
-Step 4: Application Deployment
+### Ingress Stack
+In the (infrastructure repository)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/13599104 for the organization, you can create Terraform root modules for managing ingress resources, including hosted zones, SSL certificates, load balancers, target groups, and DNS aliases. In order to provision the ingress stack, at least one hosted zone is required. For more information on configuring hosted zones see (DNS administration)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/11173932].
 
-    Deploy Applications: With your Kubernetes environment ready, you can now deploy your applications onto the cluster.
+Flightdeck includes a (Terraform module)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/14450709] for provisioning an entire ingress stack, including:
+* An (application load balancer)[https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html] for handling incoming requests.
+* An (ACM certificate)[https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html] for encrypting requests using TLS.
+* A (Route 53 alias)[https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-choosing-alias-non-alias.html] to publish a DNS address for the load balancer.
+* (Target groups)[https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html] for the clusters in this ingress stack.
 
-Post-Deployment
+### Flightdeck Platform
+Flightdeck is a platform for deploying and managing applications on Kubernetes. Flightdeck consists of Terraform modules for deploying a curated set of preconfigured open source projects and AWS products.
 
-    Monitoring and Management: Set up monitoring and management tools as provided or recommended by Flightdeck modules.
-    Security: Ensure all aspects of your deployment are secure and compliant with your organization's standards.
+In order to deploy Flightdeck, you'll first need Kubernetes clusters. On AWS, Flightdeck is designed to deploy to AWS's EKS platform. Flightdeck contains a (cluster Terraform module)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/14680073] capable of setting up compatible EKS clusters.
+Create a root module for each phase of the software development lifecycle to deploy an (EKS cluster)[https://docs.aws.amazon.com/eks/latest/userguide/clusters.html] and (managed node groups)[https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html].
+Finally, deploy Flightdeck for the sandbox and production clusters using the (workload platform module)[https://thoughtbot.atlassian.net/wiki/spaces/APG/pages/14680081].
 
-## Further Information
+### Monitoring Set Up
+(Grafana)[https://grafana.com/] is recommended to monitor infrastructure and applications. AWS's managed services can be leveraged for deploying centralized Prometheus and Grafana instances. Flightdeck can forward time series data from its federated Prometheus instance to an AWS Managed Prometheus instance for long-term storage. This instance can also be used as a data source for AWS Managed Grafana
+
+## Further Platform Information
 - [AWS](./aws/README.md)
 - [Other](./platform/README.md)
 

getting-started/main.tf

@@ -12,7 +12,7 @@ terraform {
 
 # Add the AWS provider
 provider "aws" {
-  region = "us-east-1" 
+  region = "ADDME" 
 	profile = "ADDME"
 }