AWS Control Tower

Plan, Design and Migrate from your existing Organization

Overview

With introduction of AWS Control Tower to provision and manage multi- account AWS Environment, AWS has made it simpler to crate new AWS account and thus eliminating the need to manage AWS provided complex landing zone or any home grown solution.

AWS Control Tower combines and integrates the capabilities of several other AWS Services, including AWS Organizations, AWS Single Sign-on, and AWS Service Catalog.

AWS Control Tower has the following features:

• Landing zone — A landing zone is a well-architected, multi-account AWS environment that’s based on security and compliance best practices. It is the enterprise-wide container that holds all of organizational units (OUs), accounts, users, and other resources.
• Guardrails — A guardrail is a high-level rule that provides ongoing governance for your overall AWS environment. It’s expressed in plain language. Two kinds of guardrails exist: preventive and detective. Three categories of guidance apply to the two kinds of guardrails: mandatory, strongly recommended, or elective.
• Account Factory — An Account Factory is a configurable account template that helps to standardize the provisioning of new accounts with pre-approved account configurations.
• Dashboard — The dashboard offers continuous oversight of landing zone It enables to view provisioned accounts, guardrails enabled for policy…