AWS Control Tower - Ownership account
Hello, I am trying to figure something out that I noticed during my deployment of AWS Control Tower. There seems to be something different then I expected in the account page of the Control Tower landing page. The accounts like Log Archive and Audit all have their ownership to AWS Control Tower, you can see this via de GUI on the Control Tower Landing page. However, I used the account factory to spawn an account in a new OU (Shared Services). This account is called the Network account. The ownership of this account is set to: "Self"
My question really is: Why is it set to "Self", what influences this decision?
- 新しい順
- 投票が多い順
- コメントが多い順
After deploying Control Tower, you can enroll additional accounts. These accounts are self-managed under the defined Organization, and the email provided in their creation is the full owner of the account. Suggest to review the Multi-Account Whitepaper https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/organizing-your-aws-environment.html and Control Tower user guide https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html
