Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Scripted Unmanage of Control Tower Managed AWS Accounts prior to Closing

0

AWS best practice is to unmanage a member account before closing it. I can use the CloseAccount API to close the account, but the documentation is not clear on a scripted method to unmanage an AWS account.

The closest I can find is the aws servicecatalogue terminate-provisioned-product API but the terms unmanage and terminate appear to have different connotations

My use-case is to be able to fully close a Control Tower managed account inline with AWS best practises.

Tópicos
Gestão e governança
Tags
Torre de controle da AWSOrganizações da AWSGerenciamento de contas da AWS
Idioma
English
Simon Cox
feita há 2 anos382 visualizações
1 Resposta
2
Resposta aceita

Hi

When you terminate the provisioned product in Service catalog (either through the console or the TerminateProvisionedProduct API), you are effectively un-managing the account.

Once you terminate the provisioned product, the account will show as "Not Enrolled" in Control Tower. You can then use the CloseAccount API to close the account. Once you do that, it will remain in the Suspended state for 90 days.

So if you were scripting this you can:

  1. Terminate the provisioned product via TerminateProvisionedProduct API
  2. Use DescribeRecord API to check the status of the above. Once fully terminated:
  3. Use CloseAccount API to close the account
profile pictureAWS
ESPECIALISTA
Matt-B
respondido há 2 anos
  • Simon Cox
    há 2 anos

    Thanks thanks exactly the clarification I needed.

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante