re organized md files

docs/sop/Account Factory Settings.md → docs/sop/Account Factory Settings/Account Factory Settings.md

@@ -3,14 +3,14 @@
 ## Network Configuration
 
 VPCs will be defined in code and Control Tower must not create any VPCs. There is no single option to toggle VPC
-creation off in Control Tower, from the [AWS documentation](https://docs.aws.amazon.com/controltower/latest/userguide/configure-without-vpc.html) 
+creation off in Control Tower, from the [AWS documentation](https://docs.aws.amazon.com/controltower/latest/userguide/configure-without-vpc.html)
 the following steps are required to disable VPC creation:
 
 1. Navigate to `Account Factory` in the Control Tower AWS Console.
-2. Edit the `Network configuration`
-3. Disable `Internet-accessible subnet`
-4. Set `Maximum number of private subnets` to 0
-5. Deselect all `Regions for VPC creation`
-6. Save
+1. Edit the `Network configuration`
+1. Disable `Internet-accessible subnet`
+1. Set `Maximum number of private subnets` to 0
+1. Deselect all `Regions for VPC creation`
+1. Save
 
-![img_7.png](img_7.png)
+![img_7.png](img_7.png)

docs/sop/Add a new Control Tower Control.md → docs/sop/Add a new Control Tower Control/Add a new Control Tower Control.md

@@ -2,4 +2,4 @@
 
 1. Identify the control. The AWS Console is the easiest  
 
-TODO: Continue... 
+TODO: Continue...

docs/sop/Bring an existing AWS Account.md → docs/sop/Bring an existing AWS Account/Bring an existing AWS Account.md

@@ -8,7 +8,7 @@ TODO: Complete list
 
 Each account must have non overlapping VPC CIDRs.
 
-If the account has overlapping CIDRs with other accounts it is recommended to create a new VPC with the CDK account's vpc 
-properties and then migrate the resources to the new VPC. If that's not possible consider CloudFormation imports. 
+If the account has overlapping CIDRs with other accounts it is recommended to create a new VPC with the CDK account's vpc
+properties and then migrate the resources to the new VPC. If that's not possible consider CloudFormation imports.
 It's important to note that the CDK construct will remove any existing VPCs. This creates the opportunity for migrating
-to the new VPC gradually or allows leaving the resources in the old VPC indefinitely.
+to the new VPC gradually or allows leaving the resources in the old VPC indefinitely.

docs/sop/Create Organization OUs.md → docs/sop/Create Organization OUs/Create Organization OUs.md

@@ -11,6 +11,4 @@
    - `Workloads`
    - `Suspended`
    - `Sandbox`
-
 ![img_5.png](img_5.png)
-

docs/sop/Create an AWS Account.md → docs/sop/Create an AWS Account/Create an AWS Account.md

@@ -7,29 +7,27 @@
 ### Create Account in the AWS Console
 
 > [!CAUTION]
-> Ensure that the [Account Factory Settings](Account%20Factory%20Settings.md) are correct before creating the account.
+> Ensure that the [Account Factory Settings](../Account%20Factory%20Settings/Account%20Factory%20Settings.md) are correct before creating the account.
 
 1. Log in to the Management Account and navigate to Control Tower (CT), ensure you are in the correct region.
 1. Click on the `Account Factory` in the left-hand menu. Then on `Create Account`.
-1. Fill all the details in. 
+1. Fill all the details in.
    - Make sure that the email address exists and is unique. Use "plus aliasing" if you need to create multiple accounts
      with the same email address.
    - Choose the correct OU, according to the account that you are creating:
-      - `Workloads` OU 
+      - `Workloads` OU
         - `Production` account
         - `Develop` account
-     
+
        If you hae not created the OUs yet, you can do so now by following the steps in
-       [Create Organization OUs](Create%20Organization%20OUs.md). 
-
+       [Create Organization OUs](../Create%20Organization%20OUs/Create%20Organization%20OUs.md).
 ![img.png](img.png)
 1. Check your email address, you will recieve 2 emails, the one has the invitation link for the SSO user we specified.
 ![img_2.png](img_2.png)
 1. Choose a password.
 ![img_1.png](img_1.png)
 1. Login with the SSO user and set up MFA. Select tje Authenticator app, and click on Next. Click on Show QR code,
-enlarge th web page ans use 1Password to capture the screen and read the QR code. Then enter the QR code to finish the 
-setup.
+enlarge th web page ans use 1Password to capture the screen and read the QR code. Then enter the QR code to finish the setup.
 ![img_3.png](img_3.png)
 1. You should now be able to log into the account with the SSO user.
 ![img_4.png](img_4.png)
@@ -44,8 +42,9 @@ setup.
 
 ### Add the Account to the CDK Project
 
-1. Add the new account details to the `DataLandingZoneProps` properties being passed to the DataLandingZone component. 
+1. Add the new account details to the `DataLandingZoneProps` properties being passed to the DataLandingZone component.
 1. Run the bootstrap TS script:
+
 ```ts
 import { scripts } from 'data-landing-zone';
 ...

docs/sop/IAM Identity Center.md → docs/sop/IAM Identity Center/IAM Identity Center.md

@@ -8,9 +8,8 @@
 - [AWS IAM Identity Center](#aws-iam-identity-center)
   - [Table of Contents](#table-of-contents)
   - [Differences between External Identity Provider and Internal Directory](#differences-between-external-identity-provider-and-internal-directory)
-  - [Setup External Identity Provider](#setup-external-identity-provider)
-  - [Setup Internal Directory](#setup-internal-directory)
-  - [IAM Identity Center Settings](#iam-identity-center-settings)
+  - [Step 1 - Setup AWS IAM Identity Center](#step-1---setup-aws-iam-identity-center)
+  - [Step 2 - Configre DLZ properties to use AWS IAM Identity Center](#step-2---configre-dlz-properties-to-use-aws-iam-identity-center)
     - [Key Settings for IAM Identity Center](#key-settings-for-iam-identity-center)
 
 ---
@@ -24,7 +23,7 @@
    - Useful for organizations already managing users with an external IdP to centralize identity management.
    - Supports standards like SAML 2.0 or OIDC for authentication.
 
-2. Internal Directory (AWS IAM Identity Center Directory):
+1. Internal Directory (AWS IAM Identity Center Directory):
 
    - Manages users natively within AWS IAM Identity Center without external dependencies.
    - Users are created, managed, and authenticated within the AWS environment.
@@ -39,8 +38,8 @@
 
 AWS IAM Identity Center needs to be set up to use the internal or external user store. Follow the guides below to set up one or the other. ⚠️ **Choose one, do not do both.** 
 
-- [Setting Up AWS IAM Identity Center Internal Provider](Setting%20Up%20IAM%20Identity%20Center%20Internal.md)
-- [Setting Up AWS IAM Identity Center External Identity Provider](Setting%20Up%20IAM%20Identity%20Center%20External.md)
+- [Setting Up AWS IAM Identity Center Internal Provider](../Setting%20Up%20IAM%20Identity%20Center%20Internal/Setting%20Up%20IAM%20Identity%20Center%20Internal.md)
+- [Setting Up AWS IAM Identity Center External Identity Provider](../Setting%20Up%20IAM%20Identity%20Center%20External/Setting%20Up%20IAM%20Identity%20Center%20External.md)
 
 ## Step 2 - Configre DLZ properties to use AWS IAM Identity Center
 

docs/sop/Initial Setup.md → docs/sop/Initial Setup/Initial Setup.md

@@ -2,19 +2,18 @@
 
 ## Create Control Tower
 
-1. Create a new root AWS account by following https://portal.aws.amazon.com/billing/signup
+1. Create a new root AWS account by following <https://portal.aws.amazon.com/billing/signup>
    - Be sure to use an email address that is not already associated with an AWS account and that you can access.
    - Store the username and password in a secure place.
    - You will have to link a Credit card to the account.
 1. Log into the account and navigate to Control Tower (CT)
 1. Make a choice on what you want your "Global" region to be. This is the region where you CT will be deployed. It is
-    recommended to use one of the main regions that have support for most of the services. The `eu-west-1` or 
-    `us-east-1` regions are usually good choices.
+    recommended to use one of the main regions that have support for most of the services. The `eu-west-1` or `us-east-1` regions are usually good choices.
 1. TODO: Explain more of the steps involved here, think need to manually click on the "Enable IAM Identity Center" button.
-1. Create the Organization OUs by following the steps in [Create Organization OUs](Create%20Organization%20OUs.md)
-1. Create two AWS accounts by following the steps in [Create an AWS Account](Create%20an%20AWS%20Account.md)
+1. Create the Organization OUs by following the steps in [Create Organization OUs](../Create%20Organization%20OUs/Create%20Organization%20OUs.md)
+1. Create two AWS accounts by following the steps in [Create an AWS Account](../Create%20an%20AWS%20Account/Create%20an%20AWS%20Account.md)
    1. Create a `Develop` account
-   2. Create a `Production` account
+   1. Create a `Production` account
 
 ## (OPTIONALLY) Configure Slack in the Management and Audit Account
 
@@ -23,15 +22,15 @@ AWS integration before specifying Slack channel details in the CDK.
 
 1. Log into the Management account and go to the AWS Chatbot service. Enable slack integration and follow the
    instructions to link the AWS Chatbot to your Slack workspace.
-2. Repeat for the Audit account.
+1. Repeat for the Audit account.
 
 ## Configure the CDK
 
 > [!WARNING]
-> OUTDATED 
+> OUTDATED
+
+1. Create a new CDK project and fill in account numbers and other relevant information. Ensure that the regions that you specify in the config aligns with what is CT. Ex:
 
-1. Create a new CDK project and fill in account numbers and other relevant information. Ensure that the regions that 
-   you specify in the config aligns with what is CT. Ex:
    ```ts
     export const config: DataLandingZoneProps = {
       localProfile: "ct-sandbox-exported",
@@ -58,4 +57,3 @@ AWS integration before specifying Slack channel details in the CDK.
       }
     };
    ```
-

docs/sop/README.md

@@ -9,28 +9,36 @@ We use SOPs to document all ClickOps operations. Include all relevant informatio
 
 ## Available SOPs
 
-- [Initial Setup](initial-setup.md) should be followed when starting a greenfield project.
-- [Create Organization OUs](create-organization-ous.md) should be followed when creating the required OUs in the
-   AWS Organization. This should be done before creating any accounts. We create three OUs: `Workloads`, `Suspended`, 
-   and `Sandbox`.
-- [Create an AWS Account](create-an-aws-account.md) should be followed when creating a new AWS account. We create two 
-   accounts: `Develop` and `Production` in the `Workloads` OU. This SOP can be used to create `Sandbox` accounts as well.
-- [Set Cost Allocation Tags](set-cost-allocation-tags.md) will set the cost allocation tags in the main Organization 
+- [Initial Setup](./Initial%20Setup/Initial%20Setup.md) will set up the CDK project and the Control Tower account.
+- [Create Organization OUs](./Create%20Organization%20OUs/Create%20Organization%20OUs.md) should be followed when creating the required OUs in the
+  AWS Organization. This should be done before creating any accounts. We create three OUs: `Workloads`, `Suspended`,
+  and `Sandbox`.
+- [Create an AWS Account](./Create%20an%20AWS%20Account/Create%20an%20AWS%20Account.md) should be followed when creating a new AWS account. We create two
+  accounts: `Develop` and `Production` in the `Workloads` OU. This SOP can be used to create `Sandbox` accounts as well.
+- [Set Cost Allocation Tags](./Set%20Cost%20Allocation%20Tags/Set%20Cost%20Allocation%20Tags.md) will set the cost allocation tags in the main Organization
   account used for billing.
+- [Add a new Control Tower Control](./Add%20a%20new%20Control%20Tower%20Control/Add%20a%20new%20Control%20Tower%20Control.md) will add a new control to the Control Tower
+  account.
+- [Bring an existing AWS Account](./Bring%20an%20existing%20AWS%20Account/Bring%20an%20existing%20AWS%20Account.md) will migrate an existing AWS account to the
+  CDK project.
+- [IAM Identity Center](./IAM%20Identity%20Center/IAM%20Identity%20Center.md) will set up IAM Identity Center in the AWS environment.
 
---- 
+---
 
 ## Format
+
 We are using a basic format of a SOP, that can be seen [here](template.md). Feel free to deviate from the template but
 make sure all relevant info is included.
 
 > [!IMPORTANT]
 > Do not number in order like:
-> 1. 
-> 2. 
-> 3. 
-> But instead only use 1. for all steps. The markdown GUI will automatically number the steps for you when you view it.
-> So, just use 1. for all steps, like: 
-> 1.
+>
 > 1.
-> 1. 
+> 2.
+> 3. But instead only use 1. for all steps. The markdown GUI will automatically number the steps for you when you view it.
+>    So, just use 1. for all steps, like:
+> 4.
+> 5.
+> 6.
+
+---

docs/sop/Set Cost Allocation Tags.md → docs/sop/Set Cost Allocation Tags/Set Cost Allocation Tags.md

@@ -5,16 +5,15 @@
 Tags need to be enabled for cost allocation to be used in Cost Explorer and Budgets. After enabling tags it can take
 up to 24 hours for the tags to appear in the Cost Explorer.
 
-## Use the script 
+## Use the script
 
-1. Run the script to set the cost allocation tags. It will set the Owner, Project and Environment as well as anything 
+1. Run the script to set the cost allocation tags. It will set the Owner, Project and Environment as well as anything
 specified in the `props.additionalMandatoryTags` property:
 
-```ts 
+```ts
 await scripts.cost.setCostAllocationTags(config);
 ```
 
-
 ## Manually
 
 1. Login to the ControlTower main account.
@@ -23,4 +22,4 @@ await scripts.cost.setCostAllocationTags(config);
    - `Owner`
    - `Project`
    - `Environment`
-   - + any tags specified in the `props.additionalMandatoryTags` property
+   - any tags specified in the `props.additionalMandatoryTags` property

docs/sop/Setting Up IAM Identity Center Internal.md → docs/sop/Setting Up IAM Identity Center Internal/Setting Up IAM Identity Center Internal.md

@@ -45,8 +45,8 @@ Before you begin setting up AWS IAM Identity Center, ensure you have the followi
 
 ## Step 3: Enable IAM Identity Center
 
- - If this is your first time accessing IAM Identity Center, you will be prompted to enable it.
- - Click on the **Enable IAM Identity Center** button.
+- If this is your first time accessing IAM Identity Center, you will be prompted to enable it.
+- Click on the **Enable IAM Identity Center** button.
 ![enable iam identity center](enable_iam_identity_center.png)
 
 ---
@@ -57,8 +57,8 @@ IAM Identity Center allows you to choose where your user identities are managed.
 
 ### Use IAM Identity Center as Your Identity Source
 
- - Select **IAM Identity Center** as your identity source.
- - Click **Save changes** if prompted.
+- Select **IAM Identity Center** as your identity source.
+- Click **Save changes** if prompted.
 ![select identity source](select_identity_source.png)
 
 ---