Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

AWS Control Tower VPC: Do vpc configuration changes propagate to accounts after they have been created?

0

For example,

  • I created a account, "ABC", through account factory with a control tower vpc with no public internet access.
  • I modified account factory vpc to HAVE public internet access
  • I updated account "ABC" in control tower
  • Account "ABC" still has no public internet access with a NAT

Should i expect accounts to receive control tower vpc configuration changes after account creation?

Topics
Management & Governance
Tags
AWS Control Tower
Language
English
asked 3 years ago545 views
1 Answer
0

Hi There

Control Tower does not detect drift in existing accounts when you update the Account Factory VPC settings, therefore an account update wont change the VPC settings in the existing account. In this scenario you may want to consider one of the customization approaches like AFT or CfCT to provision your accounts with custom resources and keep them all in sync.

AWS
EXPERT
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content