AWS Control Tower with Customizations
We offer services for installing AWS Control Tower and customizing it to meet specific needs. AWS Control Tower simplifies the process of setting up and managing an AWS multi-account environment, while following best practices. It leverages several other AWS services, including AWS Organizations, AWS Service Catalog, and AWS IAM Identity Center (successor to AWS Single Sign-On), to create a landing zone where resources are automatically set up and managed.
Our services include
- Automated blueprint deployment to create a landing zone with multi-account environments, identity management and federated identities, and centralized logging via AWS CloudTrail and AWS Config, along with cross-account security audits
- Account Factory for automated provisioning of accounts with pre-approved configurations
- Pre-packaged guardrails for prevention and detection, which can be deployed as Service Control Policies or AWS Config rules
- Mandatory guardrails that are automatically applied to accounts, along with optional guardrails to enhance security posture
- Dashboard overview of the AWS environment
- Customizations for AWS Control Tower, using AWS CloudFormation templates and service control policies (SCPs) to deploy custom templates and policies to individual accounts and organizational units (OUs) within an organization. It also integrates with AWS Control Tower lifecycle events to ensure that resource deployments stay in sync with the landing zone.