Resource Considerations for Account Factory - AWS Control Tower

When an account is provisioned with Account Factory, the following AWS resources are created within the account.

| AWS service | Resource type | Resource name |
| --- | --- | --- |
| AWS CloudFormation | Stacks | StackSet-AWSControlTowerBP-BASELINE-CLOUDTRAIL-* (Not deployed in landing zone version 3.0 and later) |
| AWS CloudFormation | Stacks | StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-* |
| AWS CloudFormation | Stacks | StackSet-AWSControlTowerBP-BASELINE-CONFIG-* |
| AWS CloudFormation | Stacks | StackSet-AWSControlTowerBP-BASELINE-ROLES-* |
| AWS CloudFormation | Stacks | StackSet-AWSControlTowerBP-BASELINE-SERVICE-ROLES-* |
| AWS CloudTrail | Trail | aws-controltower-BaselineCloudTrail |
| AWS Config | Delivery channel | aws-controltower-BaselineConfigDeliveryChannel |
| AWS Config | Recorder | aws-controltower-BaselineConfigRecorder |
| Amazon CloudWatch | CloudWatch Logs | /aws/lambda/aws-controltower-NotificationForwarder |
| AWS Identity and Access Management | Roles | aws-controltower-AdministratorExecutionRole |
| AWS Identity and Access Management | Roles | aws-controltower-CloudWatchLogsRole (Not deployed in landing zone version 3.0 and later) |
| AWS Identity and Access Management | Roles | aws-controltower-ConfigRecorderRole (Not deployed in landing zone version 2.8 and later) |
| AWS Identity and Access Management | Roles | aws-controltower-ForwardSnsNotificationRole |
| AWS Identity and Access Management | Roles | aws-controltower-ReadOnlyExecutionRole |
| AWS Identity and Access Management | Roles | AWSControlTowerExecution |
| AWS Identity and Access Management | Policies | AWSControlTowerServiceRolePolicy |
| Amazon Simple Notification Service | Topics | aws-controltower-SecurityNotifications |
| AWS Lambda | Applications | StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-* |
| AWS Lambda | Functions | aws-controltower-NotificationForwarder |
| Amazon EventBridge | Rule | AWSControlTowerManagedRule |
| Amazon EventBridge | Rule | aws-controltower-ConfigComplianceChangeEventRule |