AWS Cloud Operations & Migrations Blog

Tag: AWS Control Tower

Scaling Landing Zone with AWS Control Towers

A landing zone (LZ) is a well-architected, multi-account AWS environment that is scalable and secure. This is a starting point from which your organizations can quickly launch and deploy workloads in the secured infrastructure environment. A well-defined LZ provides a set of guardrails and baselines with multi-account architecture, identity and access management, control, data security, […]

AWS Service Catalog Account Factory-Enhanced

Many enterprise customers who use AWS Control Tower to create accounts want an uncomplicated way to extend the next steps in the account creation process. These next steps cover common business use cases, including creating networks, security profiles, governance, and compliance. Executing these processes for every new account created manually is cumbersome and challenging to […]

Use AWS Control Tower to Simplify Governance in AWS GovCloud (US) Regions

Customers often tell us about the challenges they face managing multi-account environments in AWS GovCloud regions. Many of these customers are using AWS Control Tower to simplify their account governance and they’ve asked us to extend the same benefits to AWS GovCloud regions. On October 19, 2022, we announced the general availability of AWS Control […]

Simplifying Self Service with AWS Service Catalog Principal Name Sharing

Many of our customers use AWS Service Catalog for governance of their infrastructure as code (IaC) templates and self-service provisioning for a variety of use cases, from customizing multi-account environments to launching data science and development workloads. The self-service use case becomes very appealing when customer need to scale across an organization with tens to […]

AWS Cloud Operations Kiosks at AWS re:Invent 2022

The Expo on Day 3 of AWS on Wednesday, December 1, 2021 at the Venetian Resort in Las Vegas, Nevada. For most organizations, the question isn’t “if we move to the cloud” anymore; it’s “what do we move first?” and “how soon can we be operating in the cloud?” Wherever you are in your digital […]

Use existing Logging and Security Account with AWS Control Tower

AWS Control Tower provides the easiest way for you to set up and govern your AWS environment, or landing zone, following prescriptive AWS best practices managed on your behalf. AWS Control Tower orchestrates multiple AWS services (AWS Organizations, AWS CloudFormation StackSets, Amazon Simple Storage Service (Amazon S3), AWS Single Sign-On (AWS SSO), AWS Config, AWS CloudTrail) to build a landing zone […]

AWS Control Tower releases API, pre-defined controls to your organizational units

AWS Control Tower offers a direct way to set up and govern an AWS multi-account environment following prescriptive guidance and best practices. It orchestrates the capabilities of several other AWS services, including AWS Organizations, AWS Service Catalog, and AWS IAM Identity Center (successor to AWS Single Sign-On), to build a landing zone in less than […]

Deploy and Customize AWS accounts using Account Factory for Terraform in AWS Control Tower

Customers use AWS Control Tower Account Factory to create a new AWS account or enroll existing AWS accounts in their AWS Organizations. Customers launch Account Factory from the AWS Control Tower console or via AWS Service Catalog API. We hear from customers that they want to manage their AWS accounts in the same way that […]

Customize AWS Config resource tracking in AWS Control Tower environment

Some of our largest customers use AWS Control Tower to govern and secure their multi-account AWS environment. AWS Control Tower implements security best practices like enabling AWS Config during account enrollment, which monitors all supported AWS resources. We heard from some of our customers that this configuration records the activity of specific resources that aren’t […]

Managing AWS account lifecycle in AWS Control Tower using the Account Close API

AWS Control Tower provides the easiest way for you to set up and govern your AWS environment following prescriptive AWS best practices managed on your behalf. AWS Control Tower orchestrates multiple AWS services (AWS Organizations, AWS CloudFormation StackSets, Amazon Simple Storage Service (Amazon S3), AWS Single Sign-On, AWS Config, AWS CloudTrail) to build a landing […]