Control tower

Question 1

Control Tower Definition

Answer 1

A tool for Orchestrating service for managing Multiple accounts Accounts at scale

Question 2

Control Tower Landing Zone

Answer 2

A collection of various accounts contols and guardrails

Question 3

Control Tower Pricing

Answer 3

Free, you only pay for the services

Question 4

Why set regions in AWS Control Tower

Answer 4

Guardrail can be set to restrict certain services/operations to a specific region

Question 5

Why AWS Control Tower?

Answer 5

1. Set up a best-practices AWS environment in a few clicks
2. Standardize account provisioning
3. Centralize policy management
4. Enforce governance and compliance proactively
5. Enable end user self-service
6. Get continuous visibility into your AWS environment
7. Gain peace of mind

Question 6

Control Tower Landing zone

Answer 6

Landing zone - a preconfigured, secure, scalable, multi-account AWS environment based on best practice blueprints

Question 7

Components of Aws Control Tower

Answer 7

1. Landing zone - a preconfigured, secure, scalable, multi-account AWS environment based on best practice blueprints.
2. Multi-account management using AWS Organizations
3. Identity and federated access management using AWS SSO
4. Centralized log archive using AWS CLoudtrail and AWS Config.
5. Cross-account audit access using AWS SSO and AWS IAM.
6. End user account provisioning through AWS Service Catalog.
7. Centralized monitoring and notifications using Amazon CloudWatch and Amazon SNS