The AWS Control Tower controls library - AWS Control Tower

The AWS Control Tower controls library

The following sections include an individual reference entry for each of the controls available in AWS Control Tower. The controls are grouped into sections according to common characteristics. In the AWS Control Tower console you may see similar items as Categories: Objectives, Frameworks, Services, and Groups. Each control reference entry includes the details, artifacts, additional information, and considerations to keep in mind when enabling a specific control on a OU in your landing zone.

For summary tables of control information, including Frameworks, see Tables of control metadata. Additional detail is available in the AWS Control Tower console.


The four mandatory controls with "Sid": "GRCLOUDTRAILENABLED" are identical by design. The sample code is correct.