Hi,
the error states that a managed Service Control Policy was either deleted, detached or modified on a specific OU, in this case the "Security OU". In order to understand what happened, you can check the events in CloudTrail to see which SCP was affected. With that information you should be able to recreate the previous configuration.
Please also note that it's not clear to me what you mean by "Will the following options cause a system reset?"
What you choose for these options depends on your requirements and use-case. For example, it might make sense to you to only allow access to a specific set of regions but you might also have a use-case that requires unrestricted access.
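As an added example (not part of the original answer), one way to carry out the CloudTrail check described above is to filter exported records for successful AWS Organizations policy calls that touch the OU. The OU ID, policy IDs, ARN and sample records are constructed placeholders, and `scp_changes` is a hypothetical helper name.

```python
import json

# Organizations API calls that change which SCPs apply to an OU.
SCP_EVENTS = {"AttachPolicy", "DetachPolicy", "UpdatePolicy", "DeletePolicy"}
ORG, ADMIN = "organizations.amazonaws.com", {"arn": "arn:aws:iam::111111111111:user/example-admin"}

# Constructed records in CloudTrail's JSON shape; all IDs are placeholders.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-05-02T09:14:07Z", "eventSource": ORG, "eventName": "DetachPolicy",
     "userIdentity": ADMIN,
     "requestParameters": {"policyId": "p-examplescp1", "targetId": "ou-exmp-security"}},
    {"eventTime": "2024-05-02T09:20:31Z", "eventSource": ORG, "eventName": "UpdatePolicy",
     "userIdentity": ADMIN, "requestParameters": {"policyId": "p-examplescp1"}},
    {"eventTime": "2024-05-02T09:25:00Z", "eventSource": ORG, "eventName": "DetachPolicy",
     "userIdentity": ADMIN,
     "requestParameters": {"policyId": "p-examplescp2", "targetId": "ou-exmp-sandbox"}},
    {"eventTime": "2024-05-02T09:30:00Z", "eventSource": ORG, "eventName": "AttachPolicy",
     "userIdentity": ADMIN, "errorCode": "AccessDeniedException",
     "requestParameters": {"policyId": "p-examplescp3", "targetId": "ou-exmp-security"}},
    {"eventTime": "2024-05-02T09:31:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "DeletePolicy", "userIdentity": ADMIN,
     "requestParameters": {"policyArn": "arn:aws:iam::111111111111:policy/example"}},
]})


def scp_changes(log_text, ou_id):
    """Return successful SCP changes that touch ou_id, oldest first."""
    records = [r for r in json.loads(log_text)["Records"]
               if r.get("eventSource") == ORG
               and r.get("eventName") in SCP_EVENTS
               and "errorCode" not in r]  # failed calls changed nothing
    params = lambda r: r.get("requestParameters") or {}
    # UpdatePolicy/DeletePolicy carry only a policyId, so tie them to the OU
    # through attach/detach events for the same policy seen in this log.
    ou_policies = {params(r).get("policyId") for r in records
                   if params(r).get("targetId") == ou_id}
    hits = []
    for r in sorted(records, key=lambda r: r["eventTime"]):
        p = params(r)
        if p.get("targetId") == ou_id or ("targetId" not in p and p.get("policyId") in ou_policies):
            hits.append((r["eventTime"], r["eventName"], p.get("policyId"),
                         r["userIdentity"]["arn"]))
    return hits


if __name__ == "__main__":
    for hit in scp_changes(SAMPLE_LOG, "ou-exmp-security"):
        print(*hit)
```

An `UpdatePolicy` or `DeletePolicy` record is only linked to the OU when the same log also contains an attach or detach event for that policy, so widen the exported time window if nothing matches.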
Hi Ben, thanks for your support. I have reattached the SCP to the Security OU, but the drift still occurs; this error requires us to repair: https://docs.aws.amazon.com/controltower/latest/userguide/drift.html. My concern here is: when we make a repair, how does the process affect the running system? I am especially confused by the options in the AWS account access configuration section.
- Option 1: AWS Control Tower sets up AWS account access with IAM Identity Center.
- Option 2: Self-managed AWS account access with IAM Identity Center or another method.
I have configured synchronization with the on-prem AD (users/groups). Do these options change the permission sets created and assigned to users and groups?
Please support me!