Unable to recover from enrollment of existing account to Control Tower

0

Hey,

We have an existing account that we tried to add to Control Tower enrollment. It failed and the compliance status is unknown.

So we tried to recover by deleting the Account Factory provisioned product and adding the account back to the OU.

But that did not solve my problem, since I could not see the Enroll option enabled; it is in a disabled state.

We have the role created in the new account, and STS is enabled. Please guide me on how I can recover it.

1 Answer
0

Hi there. Have you tried moving the account to the root OU and then enrolling it?

From https://docs.aws.amazon.com/controltower/latest/userguide/troubleshooting.html#enrollment-failed

In this case, you must take two recovery steps before you can proceed with enrolling your existing account. First, you must terminate the Account Factory provisioned product through the AWS Service Catalog console. Next, you must use the AWS Organizations console to manually move the account out of the OU and back to the root. After that is done, create the AWSControlTowerExecution role in the account, and then fill in the Enroll account form again.

If that does not enable the Enroll button, then try creating a new OU, moving the account into that OU, and registering that OU. That will start the enrollment process again.

AWS
EXPERT
Matt-B
answered 2 years ago
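An offline pre-check for the recovery steps quoted in the answer above. This is an added example, not part of the original answer or AWS's own tooling. It takes dicts shaped like the boto3 responses for Service Catalog `search_provisioned_products`, Organizations `list_parents` and IAM `get_role`, and it assumes the `AWSControlTowerExecution` role should trust only the organization's management account; the function names and all sample values are constructed.

```python
# Added example; every sample value below is constructed.
EXEC_ROLE = "AWSControlTowerExecution"

def _as_list(value):
    if value is None:
        return []
    return [value] if isinstance(value, (str, dict)) else list(value)

def assume_role_principals(trust_policy):
    """Return the AWS principals that Allow statements let call sts:AssumeRole.
    Only the exact action name is matched; wildcard actions are not expanded."""
    found = set()
    for stmt in _as_list(trust_policy.get("Statement")):
        if stmt.get("Effect") != "Allow" or "sts:AssumeRole" not in _as_list(stmt.get("Action")):
            continue
        principal = stmt.get("Principal", {})
        found.update(["*"] if principal == "*" else _as_list(principal.get("AWS")))
    return found

def enrollment_blockers(provisioned, parents, role, mgmt_account_id):
    """List the recovery steps from the answer that still block enrollment.
    provisioned: Service Catalog search result, pre-filtered to this account (assumption)
    parents:     Organizations list_parents response for the account
    role:        IAM get_role response for EXEC_ROLE, or None if the role is absent
    """
    blockers = []
    for product in provisioned.get("ProvisionedProducts", []):
        blockers.append(f"terminate provisioned product {product['Name']} ({product['Status']})")
    if any(p["Type"] != "ROOT" for p in parents.get("Parents", [])):
        blockers.append("move the account out of the OU and back to the root")
    if role is None:
        return blockers + [f"create the {EXEC_ROLE} role"]
    mgmt = {mgmt_account_id, f"arn:aws:iam::{mgmt_account_id}:root"}
    principals = assume_role_principals(role["Role"]["AssumeRolePolicyDocument"])
    if not principals & mgmt:
        blockers.append(f"{EXEC_ROLE} does not trust the management account")
    if principals - mgmt:  # the role is highly privileged, so extra trust is a finding
        blockers.append(f"{EXEC_ROLE} also trusts: {sorted(principals - mgmt)}")
    return blockers

# Constructed state of an account after a failed enrollment
FAILED = dict(
    provisioned={"ProvisionedProducts": [{"Name": "enroll-legacy", "Status": "TAINTED"}]},
    parents={"Parents": [{"Id": "ou-exmp-11111111", "Type": "ORGANIZATIONAL_UNIT"}]},
    role={"Role": {"AssumeRolePolicyDocument": {"Statement": [{
        "Effect": "Allow", "Action": "sts:AssumeRole",
        "Principal": {"AWS": "arn:aws:iam::222222222222:root"}}]}}},
    mgmt_account_id="111111111111",
)

if __name__ == "__main__":
    for line in enrollment_blockers(**FAILED):
        print("-", line)
```

An empty list means the three recovery steps are complete and the Enroll account form can be retried.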
