AWS Control Tower now allows you to use existing security and logging accounts, and extend Control Tower governance to your existing AWS environment. Learn how this improves your account flexibility and governance.
Explore how we helped an educational technology company migrate from Microsoft Azure to AWS, consolidating their applications, databases, search functionality, and virtual machines into a unified cloud infrastructure.
Learn how we helped our customer consolidate their IT infrastructure by migrating 25 Virtual Machines from Microsoft Azure to AWS.
Explore our technical analysis of AWS re:Invent 2024 price reductions and performance improvements across DynamoDB, Aurora, Bedrock, FSx, Trainium2, SageMaker AI, and Nova models, along with architecture details and implementation impact.
Now you can actually customize your core accounts for AWS Control Tower. Prior to this update, you were locked into Control Tower in your first deployment when setting up the landing zone, setting up a bunch of different accounts for you. This didn't work in all use cases. Some companies already would have their security account or their audit account set up, and they may want a single place for a login, for example.
And so now with these core account changes, you can actually delegate those accounts out and use your currently provisioned AWS accounts for things like logging or security, making it more centralized. You don't have to split your logs between two different accounts for different things, and it can be all in one place. This opens the door to a lot more possibilities for some of those larger enterprises that already have these well-established security and logging accounts prior to their AWS Control Tower Deployments.
They don't have to collect logs from two different places, for example. Hence, there's a much lower barrier to entry for an AWS Control Tower now if you have a pre-existing infrastructure. There used to be limitations around importing accounts into AWS Control Tower or overlaps of features. Most of those have been eliminated.
You could take an existing security account, for example, and you could import it into AWS Control Tower and then make that your security account of record for your AWS Control Tower deployment. This opens even more possibilities for a lot of these larger customers that are trying to adopt cloud and have AWS Control Tower be that single point of governance for their entire organization.
With lower barriers to entry than ever before, AWS Control Tower offers the best multi-account management solution on AWS. Are you interested in leveraging AWS Control Tower to manage and govern your accounts and establish secure & scalable cloud foundations? Check out our AWS Control Tower Caylent Catalyst.
Zach Tuttle is a Principal Customer Solutions Architect with over 25 years of IT experience, including a decade focused on on-premise VMware-based data centers. For the past nine years, he has been working with AWS partners, empowering customers to successfully build and innovate on AWS. Zach is particularly passionate about guiding customers through their initial steps into cloud computing and DevOps. He enjoys being involved with his two kids sports activities, cooking and home DIY renovation.
View Zach's articles
Pete Bird
Zach Tuttle
