Questions tagged with AWS Control Tower
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hi, I wanted if it's possible to create a whole Organization (and accounts) in an account which is already a part of a parent Organization.
Will look something like this:
ROOT-ACCOUNT
- OU 1
-...
1
answers
0
votes
468
views
asked 2 years agolg...
I’m trying to test out AWS MWAA (managed airflow) and running into an error: “All subnets do not belong to the user’s account” when trying to deploy the service to our development VPC. The...
1
answers
0
votes
1229
views
asked 2 years agolg...
Hi,
New to SecurityHub. Using AWS Organizations (not Control Tower) and made a new 'security-tooling' account as recommended in best practices to act as Master account for SecurityHub. I then...
1
answers
0
votes
1484
views
asked 2 years agolg...
Hello,
I'm setting up a new Control Tower managed organization using https://docs.aws.amazon.com/prescriptive-guidance/latest/security-reference-architecture/ as a reference. This suggests creating a...
2
answers
2
votes
1694
views
asked 2 years agolg...
Hello , I have used dummy emails to create few member accounts as part of my IAC code testing and since they are dummy emails i do not have root email credentials to login and delete those member...
2
answers
0
votes
2367
views
asked 2 years agolg...
I have a CodeBuild project that was created by AWS Control Tower Account Factory for Terraform.
Every time I tried to "Start build" in the console, it spits out following error:
Build failed to...
4
answers
0
votes
1907
views
asked 2 years agolg...
Control Tower Account Factory for Terraform (AFT) has been deployed, I updated and pushed a Sandbox account in terraform, the pipelines all say successful, but no account is created in my...
4
answers
0
votes
1263
views
asked 2 years agolg...
I have a production web app created with AWS Amplify/Appsync Cognito working in one account. To improve security I am going to migrate to multi-account. I will use AWS control tower to create the new...
1
answers
0
votes
565
views
asked 2 years agolg...
I followed the article about how to setup OICD for IAM:
* https://aws.amazon.com/blogs/apn/using-bitbucket-pipelines-and-openid-connect-to-deploy-to-amazon-s3/
*...
1
answers
0
votes
566
views
asked 2 years agolg...
I want to add our VCS as openId IdP for deploys. Is it possible to add this at the organisation level so all accounts in an OU automatically get that connection?
Or is it preferable to set this on an...
1
answers
0
votes
376
views
asked 2 years agolg...
Hello,
we have configured configured Control Tower landing zone and enrolled tens of accounts in our organization.
We would like to monitor some of the actions (ConsoleLogin, SwitchRole, CreateUser,...
1
answers
0
votes
1473
views
asked 2 years agolg...
Hello,
I'm supporting a client that have moved over to AWS Control Tower. They have leveraged AWS SSO with OKTA and have initiated in building their environment.
They queried if it was possible to...
3
answers
0
votes
1962
views
asked 2 years agolg...