Unable to recover from enrollment of existing account to Control Tower


Hey,

We have an existing account that we tried to add to Control Tower enrollment. It failed, and the compliance status is unknown.

So I tried to recover by deleting the Account Factory provisioned product and adding the account back to the OU.

But that did not solve my problem, since I could not see the Enroll option enabled; it is in a disabled state.

We have the role created in the new account, and STS is enabled. Please guide me on how I can recover it.

1 Answer

Hi there. Have you tried moving the account to the root OU and then enrolling it?

From https://docs.aws.amazon.com/controltower/latest/userguide/troubleshooting.html#enrollment-failed

In this case, you must take two recovery steps before you can proceed with enrolling your existing account. First, you must terminate the Account Factory provisioned product through the AWS Service Catalog console. Next, you must use the AWS Organizations console to manually move the account out of the OU and back to the root. After that is done, create the AWSControlTowerExecution role in the account, and then fill in the Enroll account form again.

If that does not enable the Enroll button, then try creating a new OU, moving the account into that OU, and registering that OU. That will start the enrollment process again.

AWS EXPERT
Matt-B
answered 2 years ago
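The recovery steps above end with recreating the AWSControlTowerExecution role, so it is worth confirming who that role trusts before retrying enrollment. The following is an added example, not part of the original answer or AWS's own code: it checks a trust policy document, assuming (as in the AWS enrollment documentation) that the role should allow `sts:AssumeRole` only to the management account's root principal. The function name and the account IDs are hypothetical.

```python
import json

def _as_list(value):
    return value if isinstance(value, list) else [value]

def check_trust_policy(policy_json, management_account_id):
    """Return problems found in an AWSControlTowerExecution trust policy.

    An empty list means only the management account may assume the role.
    """
    expected = {f"arn:aws:iam::{management_account_id}:root", management_account_id}
    problems, trusted = [], False
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements do not grant trust
        actions = _as_list(stmt.get("Action", []))
        principal = stmt.get("Principal", {})
        if not isinstance(principal, dict):  # e.g. "Principal": "*"
            principal = {"*": principal}
        for kind, values in principal.items():
            for value in _as_list(values):
                if kind == "AWS" and value in expected:
                    if "sts:AssumeRole" in actions:
                        trusted = True
                    else:
                        problems.append("management account lacks sts:AssumeRole")
                else:
                    problems.append(f"unexpected principal {kind}:{value}")
    if not trusted:
        problems.append("management account cannot assume the role")
    return problems

# Constructed sample data: the account IDs are placeholders.
MGMT = "111111111111"
GOOD = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": f"arn:aws:iam::{MGMT}:root"},
    "Action": "sts:AssumeRole"}]})
WRONG_ACCOUNT = GOOD.replace(MGMT, "222222222222")
TOO_BROAD = json.dumps({"Version": "2012-10-17", "Statement": [
    json.loads(GOOD)["Statement"][0],
    {"Effect": "Allow", "Principal": "*", "Action": "sts:AssumeRole"}]})

if __name__ == "__main__":
    for name, doc in [("good", GOOD), ("wrong account", WRONG_ACCOUNT),
                      ("too broad", TOO_BROAD)]:
        print(name, "->", check_trust_policy(doc, MGMT) or "OK")
```

The policy document to check can be read from the account with `aws iam get-role --role-name AWSControlTowerExecution --query Role.AssumeRolePolicyDocument`.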
