Unable to update Control Tower landing zone, when config recorder managed in audit account has been deleted
0
Steps to reproduce issue :
- Control tower landing zone is configured
- Config recorder for audit account has been accidentally deleted through CLI
- Try to Update Landing zone
- Failed with error : "AWS Control Tower could not find the configuration recorder for account <audit_account_id> in region <region>. It may have been deleted. Update account under OU the try again, or contact AWS Support. My question is how is the best way to re-create this config recorder.
Thank you for your help.
asked 9 months ago281 views
1 Answer
- Newest
- Most votes
- Most comments
0
Hello aolfa, I think redeploying the StackSet 'AWSControlTowerBP-BASELINE-CONFIG' to your audit account would be helpful in resolving your issue I recommend deleting the stack instance for your audit account by following the steps outlined in this document [1], and then recreating the stack instance by updating the StackSet "AWSControlTowerBP-BASELINE-CONFIG" [2]. [1] - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stackinstances-delete.html [2] - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stackinstances-create.html I hope this method works. :)
answered 9 months ago
Relevant content
- asked a month ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated a year ago
This worked thank you!
I was happy to help you. :)