AWS Control Tower Guardrails - AWS Audit Manager

AWS Control Tower Guardrails

AWS Audit Manager provides an AWS Control Tower Guardrails framework to assist you with your audit preparation.

What is AWS Control Tower?

AWS Control Tower is a management and governance service that you can use to navigate through the setup process and governance requirements that are involved in creating a multi-account AWS environment.

With AWS Control Tower, you can provision new AWS accounts that conform to your company- or organization-wide policies in a few clicks. AWS Control Tower creates an orchestration layer on your behalf that combines and integrates the capabilities of several other AWS services. These services include AWS Organizations, AWS Single Sign-On, and AWS Service Catalog. This helps streamline the process of setting up and governing a multi-account AWS environment that's both secure and compliant.

The AWS Control Tower Guardrails framework contains all of the AWS Config Rules based guardrails from AWS Control Tower.

Use AWS Audit Manager to support your audit preparation

AWS Audit Manager provides a prebuilt framework that structures and automates assessments for AWS Control Tower guardrails. This framework includes a prebuilt collection of controls with descriptions and testing procedures. These controls are grouped according to the AWS Config Rules that are based on guardrails from AWS Control Tower.

You can use the AWS Control Tower Guardrails framework in AWS Audit Manager to prepare for audits. The controls in this framework aren't intended to verify whether your systems are compliant with AWS Control Tower guardrails, and they can't guarantee that you will pass an assessment. AWS Audit Manager doesn't automatically check procedural controls that require manual evidence collection.

You can find the AWS Control Tower Guardrails framework under the Standard frameworks tab of the Framework library in Audit Manager.

For instructions on how to create an assessment using this framework, see Creating an assessment. For instructions on how to customize this framework to support your specific requirements, see Customizing an existing framework and Customizing an existing control.