Related information - AWS Control Tower

Related information

This topic lists common use cases and best practices for AWS Control Tower capabilities and additional enhancements. This topic also includes links to relevant blog posts, technical documentation, and related resources that can help you as you work with AWS Control Tower.

Tutorials and labs

  • AWS Control Tower lab – These labs provide a high-level overview of common tasks related to AWS Control Tower.


Set up repeatable and manageable patterns for networks in AWS. Learn more about design, automation, and appliances that are commonly used by customers.

  • AWS Quick Start VPC Architecture– This Quick Start guide provides a networking foundation based on AWS best practices for your AWS Cloud infrastructure. It builds an AWS Virtual Private Network environment with public and private subnets where you can launch AWS services and other resources.

  • Implementing Serverless Transit Network Orchestrator (STNO) in AWS Control Tower – This blog post demonstrates how to automate network connectivity access across accounts. This blog is intended for AWS Control Tower administrators, or those responsible for managing networks within their AWS environment.

Security, identity, and logging

Extend your security posture, integrate with external or existing identity providers, and centralize logging systems.




  • AWS Centralized Logging Solution – This solutions post describes the Centralized Logging solution which enables organizations to collect, analyze, and display logs on AWS across multiple accounts and AWS Regions.

Deploying resources and managing workloads

Deploy and manage resources and workloads.

Working with existing organizations and accounts

Work with existing AWS organizations and accounts.

Automation and integration

Automate account creation and integrate lifecycle events with AWS Control Tower.

  • Lifecycle events – This blog post describes how to use lifecycle events with AWS Control Tower.

  • Automate account creation – This blog post describes how to set up automated account creation in AWS Control Tower.

  • Amazon VPC flow log automation – This blog post describes how to automate and centralize Amazon VPC Flow Logs in a multi-account environment.

Migrating workloads

Use other AWS services with AWS Control Tower to assist in workload migration.

  • CloudEndure migration – This blog post describes how to combine CloudEndure and other AWS services with AWS Control Tower to assist in workload migration.

AWS Marketplace solutions

Discover solutions from AWS Marketplace.

  • AWS Control Tower Marketplace – AWS Marketplace offers a broad range of solutions for AWS Control Tower to help you integrate third-party software. These solutions help solve key infrastructure and operational use cases including identity management, security for a multi-account environment, centralized networking, operational intelligence, and security information and event management (SIEM).