AWS Cloud Operations Blog
Tag: AWS Control Tower
Improve your security posture with AWS Control Tower and AWS Security Hub integration
We are excited to announce the general availability (GA) of the integration between AWS Control Tower and AWS Security Hub. With this GA release, AWS Control Tower can detect control operations performed on the Security Hub detective controls from the Security Hub service. This includes the ability to detect if Security Hub controls enabled via […]
Simplify infrastructure deployments using Customizations for AWS Control Tower and AWS Serverless Application Model
Customers want flexibility and simpler ways to manage their AWS accounts. There are several ways customers can choose to customize their AWS account deployments at scale with flexibility such as Account Factory Customization (AFC), a native solution within AWS Control Tower account factory, or Customizations for Control Tower (CfCT), which this blog focuses on. To […]
Automate account customization using Account Factory Customization in AWS Control Tower
Before customers can build, migrate and operate their workloads at scale, they must build a foundation to enable a multi-account architecture that supports the growing needs of their organization. With this foundation in place, customers can create AWS accounts to enable workload isolation within their organizations. As customers build their AWS account structure to group […]
Level up your Cloud Transformation with Experience-Based Acceleration (EBA)
Introduction For organizations moving to the cloud, fully embracing its benefits is not straightforward. Even with strong management buy-in and approved business cases, executional challenges are common. Do the below challenges resonate with what you are facing now in your cloud journey? No single-threaded owner of cloud initiatives, impacting velocity of decision-making Unable to effectively […]
Use AWS Lambda with AWS Control Tower Audit account to inspect your multi-account setup
When you are building workloads on AWS, you are encouraged to follow a multi-account strategy to isolate workloads into multiple AWS accounts. You can do this to separate your accounts based on different business units, different stages of the software development lifecycle (SDLC) or another manner that is suitable for your organization’s needs. Whichever approach […]
How AWS Control Tower users can proactively verify compliance in AWS CloudFormation stacks
AWS Control Tower customers leverage infrastructure as code (IaC) to consistently deploy resources within their AWS multi-account setup. Enterprises want their developers to create and manage resources that they need to build applications while maintaining compliance with the organizations’ security, operational, and cost optimization best practices. Most solutions today inform customers about non-compliant resources only […]
Using Amazon IPAM to enhance AWS Control Tower governance for Networking resources
Many of our customers are scaling their AWS environment to meet the growing needs of their businesses. They are building multi-VPC environments and interconnecting them with on-premises through AWS Site-to-Site VPN connection or AWS Direct Connect. As the number of projects grow customers have also adopted multi-account strategy using AWS Control Tower. This has helped […]
AWS Service Catalog Account Factory-Enhanced
Many enterprise customers who use AWS Control Tower to create accounts want an uncomplicated way to extend the next steps in the account creation process. These next steps cover common business use cases, including creating networks, security profiles, governance, and compliance. Executing these processes for every new account created manually is cumbersome and challenging to […]
Use AWS Control Tower to Simplify Governance in AWS GovCloud (US) Regions
Customers often tell us about the challenges they face managing multi-account environments in AWS GovCloud regions. Many of these customers are using AWS Control Tower to simplify their account governance and they’ve asked us to extend the same benefits to AWS GovCloud regions. On October 19, 2022, we announced the general availability of AWS Control […]
Simplifying Self Service with AWS Service Catalog Principal Name Sharing
Many of our customers use AWS Service Catalog for governance of their infrastructure as code (IaC) templates and self-service provisioning for a variety of use cases, from customizing multi-account environments to launching data science and development workloads. The self-service use case becomes very appealing when customer need to scale across an organization with tens to […]