Document history
-
Latest documentation update: April 16, 2021
The following table describes important changes to the AWS Control Tower User Guide. For notifications about documentation updates, you can subscribe to the RSS feed.
| Change | Description | Date |
|---|---|---|
|
Customized names for OUs and accounts |
AWS Control Tower allows you to provide customized names during the landing zone setup process, for essential OUs and accounts, without creating drift. |
April 16, 2021 |
|
Decommissioning a landing zone is self-service |
AWS Control Tower now allows you to decommission a landing zone without contacting AWS Support. Decommissioning is a semi-automated process that cannot be undone. It is not the same as deleting all AWS Control Tower resources manually. |
April 9, 2021 |
|
Three additional Regions |
AWS Control Tower is now available in three additional AWS Regions: Asia Pacific (Tokyo) Region, Asia Pacific (Seoul) Region, and Asia Pacific (Mumbai) Region. |
April 8, 2021 |
|
New Log Archive guardrails, landing zone version 2.7 available |
Four new Log Archive guardrails provide Log Archive governance over AWS Control Tower resources, separately from governance of resources outside of AWS Control Tower. Guidance on four existing guardrails has changed from mandatory to elective. Version 2.7 of the AWS Control Tower landing zone includes a requirement for HTTPS, which cannot be undone after you update. |
April 8, 2021 |
|
Region selection |
AWS Control Tower Region selection provides better ability to manage the geographical footprint of your AWS Control Tower resources. To expand the number of Regions in which you host AWS resources or workloads – for compliance, regulatory, cost, or other reasons – you can now select the additional Regions to govern. |
February 19, 2021 |
|
Register an OU and govern all of its accounts with AWS Control Tower at one time |
AWS Control Tower adds the capability to register an OU, which is a way to bring multiple accounts into governance at the same time. |
January 28, 2021 |
|
Multiple account updates in registered OUs |
You can now update all accounts in any registered AWS Organizations organizational unit (OU) containing up to 300 accounts, with a single click, from the AWS Control Tower dashboard. The multiple account update feature, also referred to as bulk update, eliminates the need to update one account at a time, or to use an external script to perform the update on multiple accounts together. |
January 28, 2021 |
|
New role for aggregating unmanaged OUs and accounts |
A new role assists in detecting external AWS Config rules, so AWS Control Tower does not need to gain access to unmanaged accounts. |
December 29, 2020 |
|
AWS Control Tower is available in more AWS Regions. |
AWS Control Tower is now available to be deployed in the Asia Pacific (Singapore) Region, Europe (Frankfurt) Region, Europe (London) Region, Europe (Stockholm) Region, and Canada (Central) Region. With this launch AWS Control Tower is now available in 10 AWS Regions. This landing zone update includes all Regions listed, and it cannot be undone. After updating your landing zone to version 2.5, you must manually update all enrolled accounts for AWS Control Tower to govern in the 10 supported AWS Regions. |
November 18, 2020 |
|
Guardrail update |
An updated version has been released for the mandatory guardrail
|
October 8, 2020 |
|
Related information page is now available for AWS Control Tower |
The related information page makes it easier to find common tasks that may be helpful after setting up your AWS Control Tower landing zone. |
September 18, 2020 |
|
AWS Control Tower console shows more detail about OUs and accounts. |
Within the AWS Control Tower console, you can view more detail about your AWS accounts and organizational units (OUs). The ‘Accounts’ page now lists all accounts in your organization, regardless of OU or enrollment status in AWS Control Tower. You can now search, sort, and filter across all tables. |
July 22, 2020 |
|
AWS Control Tower allows existing organizations to set up a landing zone |
You can now launch a landing zone for AWS Control Tower in an existing organization, to bring the organization into governance. The Quick account provisioning capability in AWS Control Tower was renamed to Enroll account and it now permits enrollment of existing AWS accounts as well as creation of new accounts. |
April 16, 2020 |
|
AWS Control Tower is now available in Asia Pacific |
AWS Control Tower is now available to be deployed in the Asia Pacific (Sydney) AWS Region. This release requires manual updates to vended accounts, update only if you plan to run workloads in Asia Pacific (Sydney). |
March 3, 2020 |
|
Decommissioning an AWS Control Tower landing zone is possible |
AWS Support can help you permanently decommission a landing zone through a mostly automated process that preserves your organizations, although some manual cleanup is required. |
February 27, 2020 |
|
Quick account provisioning is available in AWS Control Tower |
Quick account provisioning makes it easier to launch new member accounts when your landing zone is up to date, with the Enroll account feature. |
February 20, 2020 |
|
Lifecycle events are tracked in AWS Control Tower |
Lifecycle events provide additional details for certain AWS Control Tower events, to make some workflow automation easier. |
December 12, 2019 |
|
Settings and Activities pages are available for AWS Control Tower |
The Settings and Activities pages make it easier to update your landing zone and to view logged events. |
November 30, 2019 |
|
Additional preventive guardrails are available for AWS Control Tower |
Preventive guardrails in AWS Control Tower keep your organization and resources aligned with your environment. |
September 6, 2019 |
|
Additional detective guardrails are available for AWS Control Tower |
Detective guardrails in AWS Control Tower give information about the state of your organization and resources. |
August 27, 2019 |
|
AWS Control Tower is now generally available |
AWS Control Tower is a service that offers the easiest way to set up and govern your multi-account AWS environment at scale. |
June 24, 2019 |
