Skip to content

AWS Control Tower can now use customer provided core accounts

Today, we are announcing new functionality in AWS Control Tower that provides you the flexibility to use your existing security and logging accounts, or to have AWS Control Tower create new accounts on your behalf when setting up Control Tower or extending Control Tower governance to your existing AWS environment. The Security account is used as a restricted account that’s designed to give your security and compliance teams read and write access to all accounts in your landing zone. The Logging account works as a repository, storing logs of API activities and resource configurations from all accounts in your landing zone. 

Source:: Amazon AWS