AWS CDK Landing Zone

Alternate Contacts

Configure security, billing, and operations contacts applied to every account in your AWS Organization.

src/config/alternate-contacts.ts defines the security, billing, and operations contacts that are set on every AWS account in your organization. AWS uses these contacts to send service notifications relevant to each contact type, independently of the root account email.

The landing zone reads this configuration and applies the same contacts to every account in your organization during the Phase 1 organization deployment.

Options

SetAlternateContactProps has three required contact fields:

| Option | Type | Required | Description |
| --- | --- | --- | --- |
| securityContact | AlternateContact | Yes | Contact for security notifications (e.g. abuse reports, security advisories). |
| billingContact | AlternateContact | Yes | Contact for billing notifications (e.g. invoices, payment issues). |
| operationsContact | AlternateContact | Yes | Contact for operations notifications (e.g. service health, maintenance). |

Each AlternateContact has four required fields:

| Field | Type | Description |
| --- | --- | --- |
| name | string | Full name of the contact person. |
| title | string | Job title or role. |
| emailAddress | string | Contact email address. |
| phoneNumber | string | Phone number including country code (e.g. +1 555-0100). |

Example

export const alternateContacts: SetAlternateContactProps = {
  securityContact: {
    name: 'Jane Doe',
    title: 'Security Lead',
    emailAddress: 'security@your-org.com',
    phoneNumber: '+1 555-0100',
  },
  billingContact: {
    name: 'John Doe',
    title: 'Finance Lead',
    emailAddress: 'billing@your-org.com',
    phoneNumber: '+1 555-0101',
  },
  operationsContact: {
    name: 'Jane Doe',
    title: 'Operations Lead',
    emailAddress: 'operations@your-org.com',
    phoneNumber: '+1 555-0102',
  },
};

How it's used

The alternate contacts are applied during the Phase 1 organization deployment and set on every account in the organization, the management account included. The Organization stack derives a reconcile trigger from the current set of account emails for you, so when you change a contact value or add an account and redeploy, the contacts are re-applied across every account automatically. You don't set that trigger yourself.

Things to know

  • AWS uses the securityContact for abuse and security-advisory notifications, so make sure it reaches someone who can act on them promptly.
  • The contacts you set here override any contacts previously configured in the AWS console for those accounts.
  • Phone numbers must include the country code (e.g. +1 for US numbers).
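
A pre-deploy check for this configuration, as an added example that is not part of the landing zone's own code: it enforces the required fields from the tables above and the country-code rule for phone numbers. The local type definitions, the `validateAlternateContacts` helper, both regular expressions and the sample values are assumptions made for illustration.

```typescript
// Local stand-ins for the project's types, mirroring the tables on this page.
interface AlternateContact { name: string; title: string; emailAddress: string; phoneNumber: string; }
interface SetAlternateContactProps {
  securityContact: AlternateContact;
  billingContact: AlternateContact;
  operationsContact: AlternateContact;
}

const CONTACT_KEYS = ['securityContact', 'billingContact', 'operationsContact'] as const;
const FIELD_KEYS = ['name', 'title', 'emailAddress', 'phoneNumber'] as const;
// Assumption: "includes the country code" is read as a leading "+" and a non-zero digit.
const PHONE_WITH_COUNTRY_CODE = /^\+[1-9][0-9 ()-]{5,}$/;
// Assumption: a minimal shape check, not full address validation.
const EMAIL_SHAPE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Hypothetical helper: one message per problem; an empty array means the config passes.
function validateAlternateContacts(props: SetAlternateContactProps): string[] {
  const problems: string[] = [];
  for (const contactKey of CONTACT_KEYS) {
    const contact = props[contactKey];
    if (!contact) {
      problems.push(`${contactKey}: missing`);
      continue;
    }
    // All four fields are required, so a blank or whitespace-only value is an error.
    for (const field of FIELD_KEYS) {
      const value = contact[field];
      if (typeof value !== 'string' || value.trim() === '') {
        problems.push(`${contactKey}.${field}: required`);
      }
    }
    // Format checks run only on non-blank values to avoid duplicate messages.
    const phone = (contact.phoneNumber || '').trim();
    if (phone !== '' && !PHONE_WITH_COUNTRY_CODE.test(phone)) {
      problems.push(`${contactKey}.phoneNumber: must start with "+" and a country code`);
    }
    const email = (contact.emailAddress || '').trim();
    if (email !== '' && !EMAIL_SHAPE.test(email)) {
      problems.push(`${contactKey}.emailAddress: not a valid address`);
    }
  }
  return problems;
}

// Constructed sample: the security phone lacks a country code and the billing title is blank.
const brokenSample: SetAlternateContactProps = {
  securityContact: { name: 'Jane Doe', title: 'Security Lead', emailAddress: 'security@your-org.com', phoneNumber: '555-0100' },
  billingContact: { name: 'John Doe', title: ' ', emailAddress: 'billing@your-org.com', phoneNumber: '+1 555-0101' },
  operationsContact: { name: 'Jane Doe', title: 'Operations Lead', emailAddress: 'operations@your-org.com', phoneNumber: '+1 555-0102' },
};
const sampleProblems = validateAlternateContacts(brokenSample);
```

Running a check like this in CI before the Phase 1 deployment catches a malformed security contact before it is applied to every account.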