- Control Tower offers the easiest way to set up and govern a new, secure & multi-account AWS environment.
- It establishes a landing zone which is based on best-practices blueprints & enables governance using guardrails users can choose from a pre-packaged list.
- It offers a dashboard for continuous oversight of multi-account environment.
- It dashboards provide reports on detective and preventive guardrails users have enabled on their accounts.
- There is no additional charge to use It. Users only pay for AWS services enabled by Control Tower. For instance: Service Catalog, Config & CloudTrail.
- It sets up AWS SSO with a native default directory. Users can configure AWS SSO with a supported directory such as AWS Managed Microsoft AD.
- It offers an abstracted, automated & prescriptive experience on top of AWS Organizations.
- It requires a standalone account that is not a member of AWS Organizations for setup.
- Guardrail contains two dimensions: it can be either preventive or detective, & it can be either mandatory or optional.
No comments:
Post a Comment