Posted On: Nov 28, 2022

AWS Control Tower now offers support for account factory customization, enabling you to customize your new and existing AWS accounts prior to provisioning them from within the AWS Control Tower console. With this release, you can now use AWS Control Tower to define account blueprints that scale your multi-account provisioning without starting from scratch with every account. An account blueprint describes the specific resources and configurations that are used when an account is provisioned. You may also use pre-defined blueprints, built and managed by AWS partners, to customize accounts for specific use cases.  

Customers often need to customize their accounts to meet their business needs. Previously, customers used AWS Control Tower’s pre-defined account blueprint, with default resources, configurations, and VPC, or developed alternative solutions to add customizations to their accounts. In AWS Control Tower, you can now define and implement custom account requirements as part of a well-defined account factory workflow, and immediately start using the account after it is provisioned. AWS Control Tower automates the entire process on your behalf, freeing you from the need to build and maintain costly deployment pipelines. 

AWS Control Tower offers a streamlined way to set up and govern a new, secure, multi-account AWS environment based on AWS best practices. You can start customizing accounts now in AWS Control Tower. To learn more, visit the AWS Control Tower homepage or see the AWS Control Tower User Guide. Account factory customization is generally available in the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central) Region, Asia, Pacific (Sydney), Asia Pacific (Singapore) Region, Europe (Frankfurt) Region, Europe (Ireland), Europe (London) Region, Europe (Stockholm) Region, Asia Pacific (Mumbai) Region, Asia Pacific (Seoul) Region , Asia Pacific (Tokyo) Region, Europe (Paris) Region, South America (São Paulo) Region.

To learn how to create these customizations, see the documentation on creating products in AWS Service Catalog. You can also select partner-managed blueprints from the Getting Started Library in Service Catalog, which includes solutions from CSS, Datadog, F5, Fortinet, Snyk, Splunk, Sysdig, Cisco, Cribl, Effectual and Lacework.