Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Scripted Unmanage of Control Tower Managed AWS Accounts prior to Closing

0

AWS best practice is to unmanage a member account before closing it. I can use the CloseAccount API to close the account, but the documentation is not clear on a scripted method to unmanage an AWS account.

The closest I can find is the aws servicecatalogue terminate-provisioned-product API but the terms unmanage and terminate appear to have different connotations

My use-case is to be able to fully close a Control Tower managed account inline with AWS best practises.

Themen
Management & Unternehmensführung
Tags
AWS KontrollturmAWS OrganisationenAWS Kontoverwaltung
Sprache
English
Simon Cox
gefragt vor 2 Jahren382 Aufrufe
1 Antwort
2
Akzeptierte Antwort

Hi

When you terminate the provisioned product in Service catalog (either through the console or the TerminateProvisionedProduct API), you are effectively un-managing the account.

Once you terminate the provisioned product, the account will show as "Not Enrolled" in Control Tower. You can then use the CloseAccount API to close the account. Once you do that, it will remain in the Suspended state for 90 days.

So if you were scripting this you can:

  1. Terminate the provisioned product via TerminateProvisionedProduct API
  2. Use DescribeRecord API to check the status of the above. Once fully terminated:
  3. Use CloseAccount API to close the account
profile pictureAWS
EXPERTE
Matt-B
beantwortet vor 2 Jahren
  • Simon Cox
    vor 2 Jahren

    Thanks thanks exactly the clarification I needed.

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt