Skip to content

Mention Terraform Control Tower on Landing Zone page. #406

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
josh-padnick merged 1 commit into from
Mar 10, 2021
Merged

Mention Terraform Control Tower on Landing Zone page. #406

josh-padnick merged 1 commit into from
Mar 10, 2021

Conversation

@josh-padnick
Copy link
Contributor

@josh-padnick josh-padnick commented Mar 5, 2021

Before:
image

After:
image

@netlify
Copy link

netlify bot commented Mar 5, 2021

Deploy preview for keen-clarke-470db9 ready!

Built with commit 40e1b8a

https://deploy-preview-406--keen-clarke-470db9.netlify.app

brikis98
brikis98 reviewed Mar 8, 2021
View reviewed changes
Copy link
Member

@brikis98 brikis98 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hm, is this accurate? I thought:

  • Landing Zone = IaC
  • Control Tower = UI

@josh-padnick
Copy link
Contributor Author

josh-padnick commented Mar 10, 2021

No, AWS Control Tower has replaced Landing Zone. In fact, you now customize Control Tower, albeit using a nasty CloudFormation architecture. So I believe this is correct as is.

@brikis98
Copy link
Member

brikis98 commented Mar 10, 2021

Hm, not according to this page:

How is AWS Control Tower different than the AWS Landing Zone solution?
Control Tower is an AWS native service providing a pre-defined set of blueprints and guardrails to help customers implement a landing zone for AWS accounts. AWS Landing Zone is an AWS solution offered through AWS Solution Architect, Professional Services, or AWS Partner Network (APN) Partners providing a fully configurable, customer-managed landing zone implementation. Customers can use either the Landing Zone solution or AWS Control Tower to create a foundational AWS environment based on best practice blueprints implemented through AWS Service Catalog. Control Tower is designed to provide an easy, self-service setup experience and an interactive user interface for ongoing governance with guardrails. While Control Tower automates creation of a new landing zone with pre-configured blueprints (e.g., AWS SSO for directory and access), the AWS Landing Zone solution provides a configurable setup of a landing zone with rich customization options through custom add-ons (e.g., Active Directory, Okta Directory) and ongoing modifications through a code deployment and configuration pipeline.

When should I use AWS Landing Zone and when should I use AWS Control Tower?
You should use AWS Control Tower if you are looking for a self-service experience to set up an AWS environment based on a landing zone with pre-configured blueprints and then interactively govern your accounts with pre-configured guardrails. You will benefit from AWS Control Tower if you are building a new offering, have teams starting out on their journey to AWS, are starting a new cloud initiative, are completely new to AWS, or have an existing multi-account AWS environment. You should use the AWS Landing Zone solution if you are looking to set up a configurable landing zone with rich customization options through custom add-ons (e.g., Active Directory, Okta Directory) and change management through a code deployment and configuration pipeline.

@josh-padnick
Copy link
Contributor Author

josh-padnick commented Mar 10, 2021

I actually think that page is out of date. In fact, I was recently speaking with someone who actively works at AWS and they told me that Control Tower is advised in all cases, in direct contradiction to that article. Also, Landing Zone is officially in "long-term support", which is as close as AWS will get to deprecating anything.

brikis98
brikis98 approved these changes Mar 10, 2021
View reviewed changes
Copy link
Member

@brikis98 brikis98 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, alright then, good to know, thx!

@josh-padnick josh-padnick merged commit fc485c1 into master Mar 10, 2021
@josh-padnick josh-padnick deleted the terraform-control-tower branch March 10, 2021 15:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@brikis98 brikis98 brikis98 approved these changes

@eak12913 eak12913 Awaiting requested review from eak12913

@oredavids oredavids Awaiting requested review from oredavids oredavids is a code owner

@tsmit291 tsmit291 Awaiting requested review from tsmit291

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@josh-padnick @brikis98