AWS Control Tower is a service that allows you to build a secure AWS multi-account management environment. Since AWS Organizations and AWS SSO are set up automatically, it is easier than manually creating accounts. I have used this service at my company and found it convenient, so I decided to use it for my account this time. In my account, I have additionally built and managed production, staging, development, and test environments 👍
This post covers the following:
- Landing zone settings
- Adding Accounts
- SSO connection confirmation

Before you start:
- Prepare two email addresses for new accounts.
- Prepare email addresses for additional accounts. In this case, I prepared four additional ones separately.
How to set up a landing zone in AWS Control Tower.
This configuration will create a root account, a log archive account, and an audit account with various settings!
Here is how to add an account in AWS Control Tower.
You can create an account for each environment for multi-account management!
This is how to confirm SSO connection on AWS Control Tower.
SSO will also be set up so you can easily log in to each account!
Control Tower makes it easy to implement secure multi-account management, so give it a try! Integrating existing accounts was a bit of a challenge...