1 Answer
- Newest
- Most votes
- Most comments
2
Hi, I believe the best way to do that is with your own custom SCP deployment rather than use the Region Deny setting in Control Tower, as it can't be modified. You can use the same template that Control Tower uses via this link. And deploy it via your own processes, which may use Customizations for Control Tower, Account Factory for Terraform or other infrastructure as code process.
answered 2 years ago
Relevant content
- asked 2 years ago
- asked 6 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 3 months ago
I opened a case and the customer support created a request at the internal team but for now just custom SCP or deactivation as workaround is possible.