List of control objectives - AWS Control Tower

List of control objectives

Each control enforces one of these objectives. Sometimes controls must be applied in a group so that the control objective is enforced. Information about related controls is viewable in the AWS Control Tower console, on the Control details page.

Control objectives

For more information about controls and their associated control objectives, see Tables of control metadata.

  • CO.1 Establish logging and monitoring

  • CO.2 Encrypt data at rest

  • CO.3 Encrypt data in transit

  • CO.4 Protect data integrity

  • CO.5 Enforce least privilege

  • CO.6 Limit network access

  • CO.7 Optimize costs

  • CO.8 Improve resiliency

  • CO.9 Improve availability

  • CO.10 Protect configurations

  • CO.11 Prepare for incident response

  • CO.12 Manage vulnerabilities

  • CO.13 Manage secrets

  • CO.14 Prepare for disaster recovery

  • CO.15 Use strong authentication