- Newest
- Most votes
- Most comments
This is an excerpt from AWS Control Tower Pricing Page :
There is no additional charge to use AWS Control Tower. However, when you set up AWS Control Tower, you will begin to incur costs for AWS services configured to set up your landing zone and mandatory guardrails. While some AWS services like AWS Organizations and AWS IAM Identity Center (successor to AWS SSO) come at no additional charge, you will pay for services such as AWS Service Catalog, AWS CloudTrail, AWS Config, Amazon CloudWatch, Amazon Simple Notification Service (SNS), Amazon Simple Storage Service (S3), and Amazon Virtual Private Cloud (VPC), based on your usage of these services. You only pay for what you use, as you use it.
For example, if you edit the AWS Control Tower account factory configuration to enable public subnets when provisioning a new account, then account factory will configure Amazon VPC to create a NAT Gateway, and you will be billed for your usage by Amazon VPC. The following examples show how AWS Control Tower can influence the cost you incur by enabling other services...
There is no ambiguity in the pricing. If you have suggestions about AWS Console user experience as you mentioned, please submit that directly on the feedback page directly on the console.
Hi. Unfortunately, It will be difficult to inject user defined action like notifying to user during CT deployment flow.
BTW, you can select whether creating vpc or not to member account.
https://docs.aws.amazon.com/controltower/latest/userguide/configure-without-vpc.html
As with most AWS Services, each will incur a charge. Every time a resource is provisioned in AWS there will likely be a cost associated with it. We have to remember this otherwise you will need a prompt every time you provision an EC2 or an S3 bucket notifying you that there will be a cost.
Its inherent that there will be a cost associated with something that’s setup within AWS
It does state in the documentation regarding costs and VPC Configurations when using Control tower account factory. https://docs.aws.amazon.com/controltower/latest/userguide/vpc-concepts.html
Manage VPC costs
If you set the Account Factory VPC configuration so that public subnets are enabled when provisioning a new account, Account Factory configures VPC to create a NAT Gateway. You will be billed for your usage by Amazon VPC.
I agree, However, it's a wise solution to allow customer to accept the term and condition at the beginning of enabling any options of the deployment process (pop up disclaimer that explains the cost)
Relevant content
- asked 7 months ago
- Accepted Answerasked 6 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
I agree, However, it's a wise solution to allow customer to accept the term and condition at the beginning of enabling any options of the deployment process (pop up disclaimer that explains the cost)
The landing page of Control Tower service in Console has a direct link to the pricing page mentioned. As for the acceptance of terms and conditions, there is no legal 'per-service' T&C acceptance, once a user sings up for an AWS account, general terms and condition applies that the user accepts during the sign up process : https://aws.amazon.com/agreement/