AWS Control Tower in multi AWS account scenarios
September 25, 2023

Arkadiusz Góral | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with AWS Control Tower

AWS Control Tower allows me to provision predefined, compliant and secure AWS accounts in an automated fashion.
  • AWS Control Tower integrates with AWS Organizations
  • AWS Control Tower provides Account Factory to provision preconfigured AWS accounts
  • AWS Control Tower helps to isolate workloads and billing via AWS accounts separation
  • AWS Control Tower supports data residency controls out of the box
  • AWS Control Tower supports post-provisioning actions on newly provisioned AWS accounts: for example, it can trigger enabling VPC flow logs in the new account
  • If possible, it would be nice to see an automated option to close AWS accounts created with the Account Factory
  • Multi-account support
  • Integration with various services - CloudFormation / stack / StackSet concepts
  • SSO integration
  • Preconfiguration of newly created accounts
  • Provisioning new AWS accounts without the need to use a credit card for each of the new accounts - it all works on the credit card used to set up the master account.
  • It helped to separate billing for dev/prod/uat workloads, making it easier to control how much developers are spending.
AWS Control Tower is an extension of AWS Organizations - think of it like Organizations on steroids.

Do you think AWS Control Tower delivers good value for the price?

Yes

Are you happy with AWS Control Tower's feature set?

Yes

Did AWS Control Tower live up to sales and marketing promises?

Yes

Did implementation of AWS Control Tower go as expected?

Yes

Would you buy AWS Control Tower again?

Yes

A multi-account scenario is a perfect example of where AWS Control Tower should be used - to separate workloads into individual accounts, i.e. development and production in different accounts with separate billing.

Evaluating AWS Control Tower and Competitors

  • Scalability
  • Integration with Other Systems
  • Ease of Use
This is a unique solution solving a particular problem: provisioning AWS accounts and preconfiguring them so they are ready to use and secure out of the box.

Using AWS Control Tower

There is no way to easily close an AWS account, whether it was created manually or via AWS Control Tower. It takes too many steps to close one compared with provisioning a new AWS account.

Pros
  • Like to use
  • Technical support not required
  • Well integrated
  • Consistent
  • Quick to learn
  • Convenient
  • Feel confident using

Cons
  • Lots to learn

  • Provisioning of new AWS accounts that are preconfigured
  • Applying data residency controls within a single click
  • Managing user access
  • Closing AWS accounts automatically is impossible
  • The Service Catalog integration is a little bit complex

Integrating AWS Control Tower

  • AWS SSO
  • AWS Security Hub
  • AWS GuardDuty
  • Lots of AWS services integrate well with Control Tower