1. Home
  2. Cloud Computing Security Software
  3. AWS Control Tower Reviews
  4. User Review of AWS Control Tower
AWS Control Tower: an AWS Framework that might be more than you need
May 05, 2022

AWS Control Tower: an AWS Framework that might be more than you need

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with AWS Control Tower

AWS Control Tower allows you to set up a baseline environment, in the parlance of Control Tower, this is called a landing zone. The value adds of this product is that the default baseline environment that is set up by AWS Control Tower includes AWS best practices by default. This includes best practices from AWS Well-Architected Framework. In our case, we were interested in experimenting with a lower overhead setup for an ancillary AWS account.
  • I like being able to see policy-level summaries of my AWS environment.
  • It is great for moving quickly with minimal risk of severe blunders.
  • Provisioning a new account within the purview of the Control Tower is quick and easy.
  • This level of abstraction leaves you vulnerable to not knowing exactly what's been created, and that can enable you to mess things up.
  • Because it provisions things on your behalf, you might end up paying for resources you don't need.
  • The import process of existing accounts, which we did not end up pursuing, is tedious and manual.
  • Low barrier to entry
  • AWS Well Architected Framework best practices built in.
  • Easy to navigate account summary of resources.
  • It was ultimately a neutral impact for us as we didn't pursue it very far.
  • It would not be the right fit for us given that we have the skills to roll these things on our own.
  • It would have been more expensive than strictly necessary because it provisions resources you don't necessarily need.
Using AWS Systems Manager and other slightly lower level components has been helpful for us to manage parts of our AWS presence at a more granular level than AWS Control Tower was designed for. It's not at all an apples-to-apples comparison as they solve different use cases, but for us, the use case associated with AWS Systems Manager was a better fit for our specific needs and skillsets. We did not need everything that AWS Control Tower was doing for us.

Do you think AWS Control Tower delivers good value for the price?

Yes

Are you happy with AWS Control Tower's feature set?

Yes

Did AWS Control Tower live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of AWS Control Tower go as expected?

Yes

Would you buy AWS Control Tower again?

No

We were wanting to prove the concept of a low touch process for quickly spinning up boilerplate AWS environments. We were able to get started quickly and to ensure that the AWS Well-Architected Framework principles were followed - at least upfront - however, we found that for our use case and expertise level it ultimately wasn't a fit. We have the skills on our team to manage more of this on our own. My recommendation would be contingent on what skills are already available on your team: if you can "do it yourself" you might as well so that you don't pay for resources you don't need and you have finer grain control over what's created.