Transitioning from AWS Landing Zone to AWS Control Tower - AWS Prescriptive Guidance

Transitioning from AWS Landing Zone to AWS Control Tower

Gaurav Gupta, Amazon Web Services (AWS)

February 2022 (last update: June 2022)

Technologies: Infrastructure; Networking; Management & governance

AWS services: AWS CloudFormation AWS Control Tower

With the large number of design choices, setting up a multi-account environment can take a significant amount of time. It can involve the configuration of multiple accounts and services, and require a deep understanding of Amazon Web Services (AWS). The AWS Landing Zone solution helps you more quickly set up a secure, multi-account AWS environment based on AWS best practices.

As the adoption of AWS Landing Zone solution has grown over time, the complexity involved in managing and customizing the solution has also grown. To address this, AWS launched a new service, AWS Control Tower.

AWS Control Tower is intended for organizations with multiple accounts and teams who are looking for an efficient way to set up their new multi-account AWS environment and govern at scale. With AWS Control Tower, cloud administrators can feel confident that accounts in their organization are compliant with established policies, and builders can rapidly provision new AWS accounts.

Because active development of the AWS Landing Zone solution has stopped, it’s important to consider transitioning from AWS Landing Zone to AWS Control Tower.

Targeted business outcomes

  • Faster AWS Cloud adoption through a ready AWS environment with automated security, operations, and compliance policies management

  • Business risks reduced by migrating workloads to AWS through established preventive, detective, and compliance controls

  • More efficient security, operations, and compliance policies management through the use of the integrated dashboard