AWS Control Tower is a compliance and governance service that extends the capabilities of AWS Organization ensuring your multi-account environment follows industry standard best practices. The service helps to manage your organization and accounts by applying both mandatory and elective controls in the form of guardrails, manages the orchestration, creation and enrollment of both new and existing accounts and ensures overall governance across all resources and how they are configured. For example, you can ensure that all S3 buckets created within any of your accounts have versioning enabled for better security.
In this video how-to-guide, we examine how you can provision AWS Control for existing AWS Organizations and extend governance to existing OUs and AWS accounts. Often you will come across clients who may have already started their AWS journey and have already started to set up and configure AWS accounts. Using AWS Control Tower, you can extend AWS’s recommended best practices for managing and governing existing and new AWS accounts.
Learn the fundamentals of AWS Control Tower and how you can configure the service both for new multi-account environments and for existing organizations