Control Tower vs Landing Zones in AWS –High Level Recap

November 3, 2019 Control Tower vs Landing Zones in AWS –High Level Recap2019-11-03T21:02:45-06:00 AWS No Comment

Control Tower Pros

Self Service model – A ‘better’ supported service – with shorter AWS support response times (compared to Landing Zones)
Lower Complexity – most customers report smoother execution (compared to Landing Zones)
All the Add Ons supported by Landing Zones are supported in Control Tower (Okta, AD) – as well as some additional ones (Transit Gateway, Elasticsearch).
Integrated with Cloudtrail and cloudwatch (just like Landing zones).

Control Tower Limitations

Still doesn’t handle existing account structures. May be part of a future release (not sure when).
Only available in 4 regions. Not available in Gov cloud
No programmatic API. All actions are through the management console.

Pricing

The cost is only for resources spun up, both LZ and CT are free). In the past, Landing Zone spun up resources would cost anywhere between $200 – $600 / month – depending on whether you spun up Managed AD or not.

Anuj holds professional certifications in Google Cloud, AWS as well as certifications in Docker and App Performance Tools such as New Relic. He specializes in Cloud Security, Data Encryption and Container Technologies.

Initial Consultation

Anuj Varma – who has written 1214 posts on Anuj Varma, Hands-On Technology Architect, Clean Air Activist.

AWS, Control Tower, Landing Zones

No Comments Yet

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.