Posted On: May 31, 2022

AWS Control Tower now gives you the capability to enroll and update member accounts individually, from within your AWS Control Tower landing zone, with a single click. You can update your landing zone, remediate account drift, or enroll an account into a registered organizational unit (OU), in a few streamlined steps.

When you update an account, there’s no need to include an account’s entire OU in each update action. As a result, the time required to update an individual account is greatly reduced. You can more easily ensure that your existing accounts include the latest configurations.

You can bring accounts under AWS Control Tower governance quickly, in fewer steps. The Enroll account button is now also separated from the Create account workflow in account factory, to create more distinction between these similar processes, and help avoid setup errors when you’re entering account information.

AWS Control Tower offers the easiest way to set up and govern a new, secure, multi-account AWS environment based on AWS best practices. Customers can create new accounts using AWS Control Tower’s account factory and enable governance features such as guardrails, centralized logging, and monitoring in supported AWS Regions. To learn more, visit the AWS Control Tower homepage or see the AWS Control Tower User Guide. For a full list of AWS Regions where AWS Control Tower is available, see the AWS Region Table.