Questions tagged with AWS Control Tower
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
I followed the article about how to setup OICD for IAM:
* https://aws.amazon.com/blogs/apn/using-bitbucket-pipelines-and-openid-connect-to-deploy-to-amazon-s3/
*...
1
answers
0
votes
571
views
asked 2 years agolg...
I want to add our VCS as openId IdP for deploys. Is it possible to add this at the organisation level so all accounts in an OU automatically get that connection?
Or is it preferable to set this on an...
1
answers
0
votes
385
views
asked 2 years agolg...
Hello,
we have configured configured Control Tower landing zone and enrolled tens of accounts in our organization.
We would like to monitor some of the actions (ConsoleLogin, SwitchRole, CreateUser,...
1
answers
0
votes
1492
views
asked 2 years agolg...
Hello,
I'm supporting a client that have moved over to AWS Control Tower. They have leveraged AWS SSO with OKTA and have initiated in building their environment.
They queried if it was possible to...
3
answers
0
votes
1981
views
asked 2 years agolg...
Hello,
we are using AWS Control Tower and Account Factory for account provisioning.
We have protected management account root email following [recomended best...
1
answers
0
votes
2083
views
asked 2 years agolg...
Have a Control Tower Setup and in main account have set ABAC - SSMSessionRunAs = ${user:name} in AWS SSO. In one of the Workload accounts, I have configured Systems Manager Preferences with "Run As"...
1
answers
0
votes
807
views
asked 2 years agolg...
Hi, One of my cust has an AWS Organization & control tower with about 15 accounts. I wanted to enable Guardduty to about 10 accounts in them. Is it better to do at individual account level or in AWS...
1
answers
0
votes
813
views
asked 2 years agolg...
Hello, I am facing the following issue while trying to launch a control tower landing zone in a new AWS account:
AWS Control Tower failed to set up your landing zone completely: AWS Control Tower...
2
answers
0
votes
1718
views
asked 2 years agolg...
Hello, in our Test Org. we installed Control Tower like described in (https://www.youtube.com/watch?v=CwRy0t8nfgM) after that we set up IAM Access Analyzer, GuardDuty and SecurityHub like described in...
1
answers
0
votes
523
views
asked 2 years agolg...
Control Tower that the parent organizational unit is not enrolled in AWS Control Tower, when it islg...
I get the following error when i try to programmatically create a new account in a OU:
InvalidParametersException The parent organizational unit 'ou-xxx-xxx' is not enrolled in AWS Control...
1
answers
0
votes
1541
views
asked 2 years agolg...
Hi,
I have what I think is a common use case:
Control Tower creates an S3 Bucket in the Logging account where it centralizes all Cloudtrail and Config logs. Control Tower also deploys a mandatory...
1
answers
3
votes
3705
views
asked 2 years agolg...
Hi, is it possible to delete AWS Tower failed installation. I attempted to setup AWS Tower in my organization in the eu-west-1 region but the installation failed with an error "*AWS Control Tower...
3
answers
0
votes
1536
views
asked 2 years agolg...