Overview
Amazon Web Services (AWS) offers a diverse array of services and features that allow
for
flexible control of AWS cloud computing resources and the associated AWS account(s)
that
manage them. Given the large number of design choices available, the manual process
of setting
up and configuring a multi-account AWS environment can be a time-consuming task. AWS Control Tower
The Customizations for AWS Control Tower solution combines AWS Control Tower and other highly-available, trusted AWS services to help customers more quickly set up a secure, multi-account AWS environment using AWS best practices. This solution enables customers to easily add customizations to their AWS Control Tower landing zone using an AWS CloudFormation template and service control policies (SCPs). You can deploy the custom template and policies to individual accounts and organizational units (OUs) within your organization. This solution integrates with AWS Control Tower lifecycle events to ensure that resource deployments stay in sync with the customer's landing zone. For example, when a new account is created using the AWS Control Tower account factory, the solution ensures that all resources attached to the account's OUs will be automatically deployed.
Cost
You are responsible for the cost of the AWS services used while running this solution. As of the date of publication, the cost for running this solution depends on the number of AWS CodePipeline executions, the duration of AWS CodeBuild runs, the number and duration of AWS Lambda functions, and the number of Amazon EventBridge events published. For example, if you execute 100 builds in one month using build.general1.small where each build runs for five minutes, then the approximate cost for running this solution is $3.00 per month. For full details, see the pricing webpage for each AWS service you will be using in this solution.
The Amazon Simple Storage Service (Amazon S3) bucket and AWS CodeCommit Git-based
repository resources are retained after the solution template is deleted to protect
the
customer configuration. Depending on the option selected, you are charged based on
the amount
of data stored in the S3 bucket and the number of Git requests (not applicable to
Amazon S3
resource). Refer to Amazon S3