When creating a new AWS Account, I typically do the following:
- Create the CloudTrail
- Create a Deploy Bucket
- Create Generic Alert topics for the account and subscribe my email and cell
- Create a stack to send certain cloudwatch events to a slack channel
- Configure requireMFA
- Configure Password & API Key Expiration Warning
All of these are done via automation of course