
AWS Control Tower Proactive Controls for Terraform: A Proof of Concept
Introduction

As a Terraform advocate and an AWS consultant who builds many landing zones, AWS Control Tower has always been one of my favorite AWS services. Beyond its common use cases, such as account provisioning with Account Factory Customization (AFC) and Account Factory for Terraform (AFT), I am always on the lookout for opportunities to bring the two technologies closer together. During landing zone design workshops, when walking customers through Control Tower controls, I often found myself unable to recommend proactive controls because many organizations prefer using Terraform over CloudFormation for infrastructure as code (IaC). To fully leverage everything Control Tower has to offer, wouldn’t it be nice if proactive controls worked with other IaC tools, including Terraform? Through research, I learned that proactive controls are implemented as CloudFormation Hooks and can target resources created via the Cloud Control API. Having worked with the Terraform AWS Cloud Control (
Continue reading on Dev.to




