Hi all,
I got this issue when setup Control Tower.
"AWS Control Tower failed to set up your landing zone completely: AWS Control Tower is not authorized to baseline the VPC in the enrolled account."
Firstly, I tried to add all required permissions, tried again but still failed.
Then, I removed all the relevant settings, and policies and re-try but still failed. When I click retry, it shows more errors messages below:
"AWS Control Tower could not update your landing zone at this time.
Retry updating your landing zone for access to AWS Control Tower. If the problem persists, contact AWS Support."
and
"Error
Failed to assume role arn:aws:iam::3084000xxxxx:role/service-role/AWSControlTowerAdmin"
For the assume role error, I've created and manually added all the required permission but still failed.
Please share your experienced on this issues. I'm stuck now.
