Related information - AWS Control Tower

Related information

This topic lists common use cases and best practices for AWS Control Tower capabilities and additional enhancements. This topic also includes links to relevant blog posts, technical documentation, and related resources that can help you as you work with AWS Control Tower.

Tutorials and labs

  • AWS Control Tower lab – These labs provide a high-level overview of common tasks related to AWS Control Tower.

  • On the AWS Control Tower dashboard, choose Get personalized guidance if you have a use case in mind but you're not sure where to start.

Networking

Set up repeatable and manageable patterns for networks in AWS. Learn more about design, automation, and appliances that are commonly used by customers.

Security, identity, and logging

Extend your security posture, integrate with external or existing identity providers, and centralize logging systems.

Security

  • Automating AWS Security Hub Alerts with AWS Control Tower lifecycle events – This blog post describes how to automate Security Hub enablement and configuration in an AWS Control Tower multi-account environment on existing and new accounts.

  • Enabling AWS Identity and Access Management – This blog post describes how to enhance your organizational security visibility by enabling and centralizing IAM Access Analyzer findings.

  • AWS Systems Manager Parameter Store provides secure, hierarchical storage for configuration data management and secrets management. You can use it to share configuration information in a secure location, for use by AWS Systems Manager and by AWS CloudFormation. For example, you can store a list of Regions in which you want to deploy conformance packs.

Identity

Logging

  • AWS Centralized Logging Solution – This solutions post describes the Centralized Logging solution which enables organizations to collect, analyze, and display logs on AWS across multiple accounts and AWS Regions.

Deploying resources and managing workloads

Deploy and manage resources and workloads.

Working with existing organizations and accounts

Work with existing AWS organizations and accounts.

Automation and integration

Automate account creation and integrate lifecycle events with AWS Control Tower.

  • Lifecycle events – This blog post describes how to use lifecycle events with AWS Control Tower.

  • Automate account creation – This blog post describes how to set up automated account creation in AWS Control Tower.

  • Amazon VPC flow log automation – This blog post describes how to automate and centralize Amazon VPC Flow Logs in a multi-account environment.

Migrating workloads

Use other AWS services with AWS Control Tower to assist in workload migration.

  • CloudEndure migration – This blog post describes how to combine CloudEndure and other AWS services with AWS Control Tower to assist in workload migration.

AWS Marketplace solutions

Discover solutions from AWS Marketplace.

  • AWS Control Tower Marketplace – AWS Marketplace offers a broad range of solutions for AWS Control Tower to help you integrate third-party software. These solutions help solve key infrastructure and operational use cases including identity management, security for a multi-account environment, centralized networking, operational intelligence, and security information and event management (SIEM).