AWS Security Blog

Category: AWS Control Tower

Minimize risk through defense in depth: Building a comprehensive AWS control framework

Security and governance teams across all environments face a common challenge: translating abstract security and governance requirements into a concrete, integrated control framework. AWS services provide capabilities that organizations can use to implement controls across multiple layers of their architecture—from infrastructure provisioning to runtime monitoring. Many organizations deploy multi-account environments with AWS Control Tower, or […]

How to get read-only visibility into the AWS Control Tower console

September 20, 2024: We’ve fixed a few errors in the JSON policy. September 12, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. When you audit an environment governed by AWS Control Tower, having visibility […]