By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS Tower Setup failed: Subscribe To AWS EC2 Service

0

Hi, is it possible to delete AWS Tower failed installation. I attempted to setup AWS Tower in my organization in the eu-west-1 region but the installation failed with an error "*AWS Control Tower failed to set up your landing zone completely: AWS Control Tower setup failed. Be sure your account is subscribed to the AWS EC2 service, then try again. *

I have attempted to retry and I still get the same error, I notice that the accounts were created but everything that is done behind the scene has failed.

Is there an easy way to delete the Tower setup and start from scratch.

Topics
Management & Governance
Tags
AWS Control TowerAWS OrganizationsAWS Account Management
Language
English
Divine
asked 2 years ago1435 views
3 Answers
1

You can decommission the Landing Zone, however some resources still going to be there, such as s3 buckets and CW logs.

https://docs.aws.amazon.com/controltower/latest/userguide/walkthrough-delete.html

AWS-User-3204258
answered 2 years ago
  • Divine
    2 years ago

    Thank you, I was reading over the docs. I think I would need AWS to resolve the problem as it actually failed. The document says it won't resolve a failure. I was trying to take the easy way out "I thought" by using Tower. It may be better off just building my own landing zone.

0
  1. Which account are you trying to deploy the Control Tower (CT) Landing Zone on? Is it the organizations management account? Is there any SCPs and /or restrictive policies applied to the account and the user / role?
  2. How long has the account been opened and is there any resources such as EC2 instances running in that account? If not please do launch 2 EC2 instances for about 30 mins.
  3. Have you reviewed the pre-requisites for deploy CT Landing Zone here?
  4. I would suggest you contact AWS Support in your support center so they can take a look into your account.
  5. It is possible to clean up the Landing Zone, besides the documentation, you might need to manually reset the root password and close the log archive and audit accounts. You will need two new email addressed for a brand new deployment. But like you mentioned before, it's a last resort to try only if no other causes can be identified.
Jason_S
answered 2 years ago
  • Maycon Santos
    2 years ago

    Hello @Json_S, I am facing the same issue. In my case, it is a new account, that was created over 3 days but never used.

    I received the error and also launched an instance for over 30 minutes after seeing your suggestion. Also, unless Control tower is blocked by default, I don't think I am going over any quotas.

    As I don't have a paid support plan, I am unable to contact the support directly, is there any other step that you suggest I take? I really would like to avoid have to recreate the setup.

0

See my solution for this issue here: https://repost.aws/questions/QU-M-RnrdnQ9Kfsunai4mkMA/issue-building-control-tower-landing-zone-on-a-new-account-aws-control-tower-setup-failed-be-sure-your-account-is-subscribed-to-the-aws-ec2-service-then-try-again#ANy4f_d42-QBy6uM686kQj_g

profile picture
EXPERT
Denis Astahov - ADV-IT
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content