AWS Control Tower
This course explores the AWS Control Tower service, the newest and best way to orchestrate your organizations around best practices, security, auditing, and overall account management.
- Learn how to, create governance accounts, audit accounts
- Understand how to provision new accounts that strictly adhere to security best practices
- Understand how your accounts might experience security drift and how to manage these problems within AWS Control Tower
This course is recommended for IT Administrators, business leaders, security auditors, and engineers who want to learn more about account provisioning, auditing, security, and everything in between.
To get the most out of this course, having a decent background in computing is fundamental. Additionally, you should have basic knowledge of the AWS Cloud, and how provisioning works within the system.
Wrap Up. One of the biggest hurdles that any company has to deal with, is how to effectively manage their infrastructure. A large part of this management is understanding the best ways to provision new accounts for their developers, administrators, and auditors. Not only do you have to deal with provisioning, you also have to understand security and keeping your users bound within a safety net that can keep your data secure.
With the advent of AWS Control Tower, we now have a service that offers higher level views on these topics than any other service AWS has provided so far. The amount of power and pre-configured options that come stock with AWS Control Tower makes the service extremely valuable for basically any organization, big or small.
Right off the bat with landing zones, AWS Control Tower automatically provisions for you the structure needed to create a high quality, compliant and secure environment. The account provisioning system also adds a whole new level of simplicity for adding new users. Between Account Factory, Manual Enrollment, and the power of Lambda functions, we have the power to both individually add new users, as well as create whole hosts of accounts that are all bound within the security mechanisms we create.
Additionally, with the current outlook of AWS Landing Zones being put on long-term support mode, AWS Control Tower is the current direction that Amazon is moving forward with. They have determined that it's better to have a more overarching service that touches all of the bases, than individually using services like AWS Landing Zones, Organizations, IAM, and Service Catalog alone. With only the direct coordination of all these powerful services together, are we finally able to have an easy and relatively painless method of oversight within our architectures.
Well, that brings us to the end of this course. My name is Will Meadows, I'd like to thank you for spending some time here, learning about AWS Control Tower. If you have any feedback, positive or negative, please contact us here at: email@example.com. Your feedback is greatly appreciated, thank you.
William Meadows is a passionately curious human currently living in the Bay Area in California. His career has included working with lasers, teaching teenagers how to code, and creating classes about cloud technology that are taught all over the world. His dedication to completing goals and helping others is what brings meaning to his life. In his free time, he enjoys reading Reddit, playing video games, and writing books.