AWS Technology
AWS Control Tower
Since 2019, AWS Control Tower has been state-of-the-art, allowing AWS to perform the core tasks of a landing zone at the touch of a button and ensure reliable operation. With the AWS solution “Customizations for Control Tower”, the Control Tower landing zone can be customized and extended to include any service you need, such as AWS Security Hub, a central firewall, or AWS Backup.
Building a standardized landing zone with AWS Control Tower
Landing Zone is the name for a scalable and secure AWS multi-account structure designed according to various best practices from the well-architected framework. With its centralized services, this architecture forms the basis for deploying your applications quickly and securely in the AWS cloud. When building a landing zone, technical as well as organizational and procedural issues related to account structure, network, security, and access management must be included. Once implemented, the landing zone allows you to keep track of the security status or cost of your AWS accounts, among other things, while rolling out centralized rule sets. With Account Factory, you can also provision new AWS accounts reliably and quickly according to your standards. The architecture of the landing zone will be regularly adapted to the changing needs and requirements of our customers.
Since 2019, AWS Control Tower has been state-of-the-art, allowing AWS to perform the core tasks of a landing zone at the touch of a button and ensure reliable operation. With the AWS solution “Customizations for Control Tower”, the Control Tower landing zone can be customized and extended to include any service you need, such as AWS Security Hub, a central firewall, or AWS Backup.
A standard landing zone setup includes central billing, billing alerts, logging, security/governance monitoring, and the Account Factory. Common extensions to this setup include centralized VPN/Direct Connect connections in a network account, advanced individual compliance checks, or central backup.
The following figure shows a typical landing zone with its core tasks:
Key benefits
Maximum transparency
Both security-relevant findings and costs can be viewed centrally – including by your project teams – so that you can achieve maximum efficiency with the greatest possible security.
Simplified operation
AWS provides the Control Tower service at the touch of a button. The landing zone core services are operated by AWS in a fail-safe manner. The Control Tower meets your basic cloud infrastructure requirements.
Speed
Standardized provisioning of new AWS accounts; centralized logging to ensure compliance and privacy
Full customization capabilities
“Customizations for Control Tower” allow you to individually adapt your landing zone to suit your needs.
Centralized governance and control
Security monitoring and central rule sets through service control policies
Benefit title
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Sustainable AWS Landing Zone
This one-page overview explains in detail how we can help you set up your own AWS landing zone. We will train your staff and you will receive comprehensive documentation regarding the entire setup.
Accelerated Control Tower Framework
This one-page overview tells you everything you need to know about our 3-day workshop for setting up the AWS Control Tower. Of course, we will answer all your questions and take your individual requirements into account.
AWS control tower – secure multi-account setup at the push of a button
Contact
Want to know more about AWS Control Tower?
