By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Control Tower Automation

0

We start using Control Tower via console and it automatically sets security account and sandbox account. And Im using AFT for additional account requests. Is there any way I can automate the setup of control tower itself like setting security account and sandbox account

Topics
Management & Governance
Tags
AWS Control TowerAWS OrganizationsTerraform
Language
English
Gajalakshmi
asked 6 months ago207 views
2 Answers
0
Accepted Answer

Hi, unfortunately there is no API call or automation that can do the initial setup of Control Tower and it's Landing Zone at this time. We hope to add that functionality in the future. You can automate Control Tower control configuration using Terraform against the Organization Management Account (Where Control Tower resides) https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/controltower_control

To configure resources in the Log-Archive or Audit accounts, you can add them to AFT using the same process you would to provision a new account. Create a new account request but use the existing account details (Account Name, Account email address and Organizational Unit)

profile pictureAWS
Jimmy Morgan
answered 6 months ago
profile picture
EXPERT
Giovanni Lauria
reviewed 24 days ago
  • Gajalakshmi
    6 months ago

    Hello ,can we implement new OU with AFT

0

Checkout this blog. You may also want to take a look at the Landing Zone Accelerator if your organization has complex compliance requirement.

Let me know if you have any other questions or if you run into issues walking through the blog.

AWS
iuurquiz
answered 6 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content