1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Hi There
You will need to manually repair your landing zone by re-inviting the shared accounts back to your organization.
To restore a shared account using the AWS Control Tower and AWS Organizations consoles (Manual remediation)
1. Sign in to the AWS Organizations console at https://console.aws.amazon.com/organizations/
2. You must sign in as an IAM user or role with the AWSOrganizationsFullAccess managed policy or equivalent.
3. Invite the shared account back to the organization. For information on the requirements, prerequisites, and procedure for inviting an account to AWS Organizations, see Inviting an AWS account to your organization in the AWS Organizations User Guide.
4. Sign in to the shared account that was removed, then go to https://console.aws.amazon.com/organizations/home#/invites to accept the invitation.
5. Sign in to the management account again.
6. Sign in to the AWS Control Tower console as an IAM user or role with the AWSControlTowerServiceRolePolicy managed policy or equivalent, and permissions to run all AWS Control Tower actions (controltower:*).
7. You'll see the Landing zone drift page with an option to repair the landing zone. Choose Repair to repair the landing zone.
8. Wait for the repair process to complete.
If remediation is successful, the shared account appears in a normal state and compliance.
If the remediation steps don't restore the account, contact AWS Support.
Hi There When i choose repair to repair the landing zone. There are many options when it comes to repair, how it affects the configuration on my running system. What services will be affected? Can you pls provide more details information