By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AFT Control Tower - rollback customization

0

Hi, Is there a way to rollback the customization applied through AFT? For example, how to rollback the "aws_s3_account_public_access_block" created resource deployed as a global customization. For removing a provisioned account, the documentation exists, but nothing on rolling back customizations only. Thank you.

Topics
Management & Governance
Tags
AWS Control Tower
Language
English
RoxTeo
asked 10 months ago312 views
1 Answer
1

Hi There

AFT provides a way to re-invoke customizations in the AFT pipeline. This method is useful when you’ve added a new customization step, or when you are making changes to an existing customization. See https://docs.aws.amazon.com/controltower/latest/userguide/aft-account-customization-options.html#aft-re-invoke-customizations

profile pictureAWS
EXPERT
Matt-B
answered 10 months ago
  • RoxTeo
    10 months ago

    Hi Matt-B,

    Thank you for replying. I've tested the proposed solution by re-invoking the AFT pipeline as described in the guide. The re-invoke works as expected, however the resource that I was expecting to be removed from the targeted account did not get deleted. What I did is that I commented the terraform resource in the main.tf file and re-invoked the aft-account-customizations pipeline. Maybe I'm missing something or maybe it is not enough to just comment the resource in that file.

    UPDATE: I've just noticed that it worked by commenting the resource block and re-invoking the pipeline. It just takes a while 10-15 minutes to take effect and this is why I concluded it did not work. Thanks again for the help!

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content