Control Tower

PublishedNovember 29, 2024

•1 min read

I am an aspiring DevOps Engineer proficient with containers and container orchestration tools like Docker, Kubernetes along with experienced in Infrastructure as code tools and Configuration as code tools, Terraform, Ansible. Well-versed in CICD tool - Jenkins. Have hands-on experience with various AWS and Azure services. I really enjoy learning new things and connecting with people across a range of industries, so don't hesitate to reach out if you'd like to get in touch.

Part of seriesAWS Solutions Architect - Associate

Control Tower

Easy way to set up and govern a secure and compliant multi-account AWS environment based on best practices
AWS Control Tower uses AWS Organizations to create accounts
Benefits:
- Automate the set up of your environment in a few clicks
- Automate ongoing policy management using guardrails
- Detect policy violations and remediate them
- Monitor compliance through an interactive dashboard

Control Tower – Guardrails

Provides ongoing governance for your Control Tower environment (AWS Accounts)
Two types:
- Preventive Guardrail – using SCPs (e.g., Restrict Regions across all your accounts)
- Detective Guardrail – using AWS Config (e.g., identify untagged resources)

#aws #aws-control-tower

Comments

Join the discussion

No comments yet. Be the first to comment.

AWS Solutions Architect - Associate

Part 14 of 22

This course is ideal for individuals who are interested in learning how to build and implement AWS solutions based on best practices.

Up next

Organizations & SCP

Organizations Global service Manage multiple AWS accounts under an organization one main account known as management account other are member accounts Member account can only be part of one organization Consolidated Billing across all account...

More from this blog

01 - AWS Cloud Overview - Regions & AZ

AWS Global Infrastructure AWS Regions AWS Availability Zones AWS Data Centers AWS Edge Locations / Points of Presence AWS Regions A region is a cluster or collection of data centers. AWS has regions all around the world. Most AWS services ar...

Mar 5, 20251 min read

API Gateway & Step Function & Cognito

API Gateway Serverless REST APIs Invoke Lambda functions using REST APIs (API gateway will proxy the request to lambda) AWS Lambda + API Gateway: No infrastructure to manage Supports WebSocket (stateful) Handle API versioning (v1, v2…), handle d...

Dec 5, 20245 min read

Elastic Container Service (ECS)

ECS AWS managed container orchestration platform Integrates with ALB for load balancing ECS tasks Launch Docker containers on AWS = Launch ECS Tasks on ECS Clusters EFS is used as persistent multi-AZ shared storage for ECS tasks Launch Types EC...

Dec 5, 20245 min read

Route 53

What is DNS? Please refer this Udemy lecture. Route 53 Global service A highly available, scalable, fully managed and Authoritative DNS (customer can update the DNS records and have full control over the DNS) Route 53 is also a Domain Registrar ...

Dec 4, 20249 min read

03 - Elastic Compute Cloud (EC2)

EC2 Region-scoped/Regional service EC2 (Elastic Compute Cloud) is an Infrastructure as a Service (IaaS) Stopping & Starting an instance may change its public IP but not its private IP AWS Compute Optimizer recommends optimal AWS Compute resources...

Dec 4, 202411 min read

Amazon Web Services - AWS

22 posts

Command Palette

Control Tower

Control Tower – Guardrails

Comments

AWS Solutions Architect - Associate

Organizations & SCP

More from this blog