AWS Control Tower VPC: Do vpc configuration changes propagate to accounts after they have been created?


For example,

  • I created an account, "ABC", through Account Factory with a Control Tower VPC with no public internet access.
  • I modified the Account Factory VPC to HAVE public internet access
  • I updated account "ABC" in Control Tower
  • Account "ABC" still has no public internet access with a NAT

Should I expect accounts to receive Control Tower VPC configuration changes after account creation?

asked a year ago, 335 views
1 Answer

Hi There

Control Tower does not detect drift in existing accounts when you update the Account Factory VPC settings; therefore, an account update won't change the VPC settings in the existing account. In this scenario you may want to consider one of the customization approaches like AFT or CfCT to provision your accounts with custom resources and keep them all in sync.

Matt-B (AWS, EXPERT)
answered a year ago
