Control Tower that the parent organizational unit is not enrolled in AWS Control Tower, when it is

Question

I get the following error when i try to programmatically create a new account in a OU:
InvalidParametersException  The parent organizational unit 'ou-xxx-xxx' is not enrolled in AWS Control Tower

It's an empty OU without any accounts, but it says registered in the control tower console

Answer

Ok so it's unclear how you are programmatically create new account.

However, I'm assuming you are using the Service Catalog API, as specified [here](https://docs.aws.amazon.com/controltower/latest/userguide/automated-provisioning-walkthrough.html).

Please make sure the ManagedOrganizationalUnit field has the specific format of `OU_NAME (OU_ID)`

As seen below:

```
{
  pathId: "lpv2-7n2o3nudljh4e",
  productId: "prod-y422ydgjge2rs",
  provisionedProductName: "Example product 1",
  provisioningArtifactId: "pa-2mmz36cfpj2p4",
  provisioningParameters: [
    {
      key: "AccountEmail",
      value: "abc@amazon.com"
    },
    {
      key: "AccountName",
      value: "ABC"
    },
    {
      key: "ManagedOrganizationalUnit",
      value: "Custom (ou-xfe5-a8hb8ml8)"
    },
    {
      key: "SSOUserEmail",
      value: "abc@amazon.com"
    },
    {
      key: "SSOUserFirstName",
      value: "John"
    },
    {
      key: "SSOUserLastName",
      value: "Smith"
    }
  ],
  provisionToken: "c3c795a1-9824-4fb2-a4c2-4b1841be4068"
}      
```

Control Tower that the parent organizational unit is not enrolled in AWS Control Tower, when it is

Conteúdo relevante