Your landing zone is now available.
AWS Control Tower has set up the following:
- 2 organizational units, one for your shared accounts and one for accounts that will be provisioned by your users.
- 3 shared accounts, which are the management account and isolated accounts for log archive and security audit.
- A native cloud directory with preconfigured groups and single sign-on access.
- 20 preventive guardrails to enforce policies and 3 detective guardrails to detect configuration violations.
Enroll existing accounts in AWS Control Tower
You can enroll existing accounts from your AWS Organizations organization in AWS Control Tower and manage them in the same way that you manage accounts created with account factory. Some additional work is required for enrollment.
No comments:
Post a Comment