Control Tower Setup Failed

0

Hi, I was trying to setup Control Tower on personal account but it failed with below reason. In this account earlier I had OU and couple of accounts under OU. But all have been closed couple of days ago.

ERROR:-

AWS Control Tower failed to set up your landing zone completely: AWS Control Tower failed to update a stack instance. Reason: User: arn:aws:sts::<UNKNOWN_ACCOUNT_NUMBER>:assumed-role/AWSControlTowerExecution/e5c24f06-bc30-4429-8817-7659776eb838 is not authorized to perform: cloudformation:CreateStack on resource: arn:aws:cloudformation:us-east-2:<UNKNOWN_ACCOUNT_NUMBER>:stack/StackSet-AWSControlTowerLoggingResources-e20e52bb-b6a8-4463-b5f6-26c3bdf0f6be/* with an explicit deny in a service control policy Learn more

END ERROR

I am not sure what this 'UNKNOWN_ACCOUNT_NUMBER'(0355XXXXXXXX) is? it doesn't belong to any of my accounts(management or suspended).Does anyone have idea why ControlTower setup failed?

Thanks in advance.

feita há um ano361 visualizações
1 Resposta
0

Hi,

In case your account is not critical, I prefer that you could close and change your email on this AWS account. (Login to the root account) Then moving forward, create a new one to start from scratch because when deploying the Control Tower, it should follow the correct flow, or it will crash.

Best regards, Minh LE

profile picture
Minh Le
respondido há um ano

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas