- 最新
- 最多得票
- 最多評論
hi,
AWS Control Tower offers you the capability to build and manage a multi account environment. It's a collection of
- Landing Zone
- Guardrails
- Account Factory for automating account provisioning
You have a dashboard to monitor and control your LZ's and accounts. It provides blueprints with the best practices which we can pick for our landing zone and that significantly reduces the time on LZ creation. The difference lies with the prebuilt templates, guardrails and is designed to provide an easy, self-service setup experience and an interactive user interface.
Please refer this on why AWS Control Tower here: https://d1.awsstatic.com/events/aws-reinforce-2022/GRC374_Automate-governance-of-environments-with-AWS-Control-Tower.pdf
Thanks Arun
In order to deploy LZA (Landing Zone Accelerator) you must have wither AWS Control Tower or AWS Organizations enabled. You can see the pre-requisite here.
In terms of he benefits using LZA will have more features then using Control Tower alone and that is why it is recommended to deploy on top of Control Tower. LZA provides a comprehensive no-code solution across 35+ AWS services and gives you the automation to deploy SCP policies, complex network setup's with TGW and VPC creation, security controls with GuardDuty and SecurityHub and even add your own customized Cloudformation scripts on top of LZA natively. You can view the architecture diagram of what gets deployed here.
if your organization has fewer accounts and less complexities it is recommended that you start with AWS Control Tower so it will be easier to manage and lower cost. If you require an enterprise level governance for your organization then would make sense to deploy LZA on top of it.
Hi there AWS-User-9543277, had a follow up question to your answer hope you can help. You mentioned "add your own customized Cloudformation scripts on top of LZA natively", could you elaborate and explain if these customised CF scripts can be within LZA solution as supplied by AWS or should theybe outside the LZA solution. Thank you for your help in advance.
Thank you Arun