1 Answer
- Newest
- Most votes
- Most comments
1
I think Option A is the best one. Create a new multi-account deployment with Control Tower, and then enroll the production account. The mandatory guardrails are unlikely to affect the production workload, as they are designed to protect the Control Tower configurations. What would be recommended is to create a dev environment account within the new environment that replicates production. You could then test the tightening of security configurations and guardrails, before applying them to production
answered 2 years ago
Relevant content
- Accepted Answerasked 2 years ago
- Accepted Answerasked a year ago
- asked 3 years ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago