When we took on that project, the client had various business units within their organization, including a BI unit, an engineering unit, and other units related to development and different business functions. They also had a centralized IT team responsible for cloud operations. Initially, their AWS environment was highly decentralized, lacking a centralized management system. They approached us to establish a centralized solution that could handle tasks like creating new AWS accounts based on business needs and enforcing baseline security standards. To address their requirements, we engaged with AWS and, after discussing their needs, concluded that migrating to AWS Control Tower would be the most suitable solution. In addition to Control Tower, we set up a centralized networking system to provide controlled access to new accounts. This approach centralized authentication and access management, simplifying operations. We also implemented various guardrails, as their previous setup lacked mechanisms for account owners to identify and adhere to best practices. After implementation, we organized the AWS organization structure based on their business units, each with its set of preventive and detective guardrails. This allowed for a more structured and controlled environment.