- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
Looks like it is not possible to re-create the landing zone. Please refer to the Control Tower documentation at: https://docs.aws.amazon.com/controltower/latest/userguide/decommission-landing-zone.html
Suggest you log a support request to confirm the above.
==== Extracted from the documentation ====
! Important
We strongly recommend that you perform this decommissioning process only if you intend to stop using your landing zone. It is not possible to re-create your existing landing zone after you've decommissioned it.it https://docs.aws.amazon.com/controltower/latest/userguide/decommission-landing-zone.html
You can recreate the landing zone, but it needs a couple of manual operations after decommisioning. You can find a great Walkthrough in this link
In this case in particular: I've seen twice that exactly error message and in both of it the issue was that CT's roles or policies or both were still there. You can delete them with the following commands:
# Detach roles aws iam detach-role-policy --role-name AWSControlTowerAdmin --policy-arn arn:aws:iam::$AWS_ACCOUNT:policy/service-role/AWSControlTowerAdminPolicy aws iam detach-role-policy --role-name AWSControlTowerCloudTrailRole --policy-arn arn:aws:iam::$AWS_ACCOUNT:policy/service-role/AWSControlTowerCloudTrailRolePolicy aws iam detach-role-policy --role-name AWSControlTowerStackSetRole --policy-arn arn:aws:iam::$AWS_ACCOUNT:policy/service-role/AWSControlTowerStackSetRolePolicy # Delete policies aws iam delete-policy --policy-arn arn:aws:iam::$AWS_ACCOUNT:policy/service-role/AWSControlTowerAdminPolicy aws iam delete-policy --policy-arn arn:aws:iam::$AWS_ACCOUNT:policy/service-role/AWSControlTowerCloudTrailRolePolicy aws iam delete-policy --policy-arn arn:aws:iam::$AWS_ACCOUNT:policy/service-role/AWSControlTowerStackSetRolePolicy # Delete roles aws iam delete-role --role-name AWSControlTowerAdmin aws iam delete-role --role-name AWSControlTowerCloudTrailRole aws iam delete-role --role-name AWSControlTowerStackSetRole
Hope it helps
Contenuto pertinente
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 4 mesi fa