Questions tagged with AWS Control Tower
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Planning to enable this preventive control '[CT.S3.PR.1] Require an Amazon S3 bucket to have block public access settings configured' in Control Tower. Is there any way to set exception to some S3...
2
answers
0
votes
385
views
asked a year agolg...
Hi, I want to have a standard VPC design template to provision VPC for the sandbox account, where i can find the documentation to start for? it is for an aws landing zone
3
answers
0
votes
252
views
asked a year agolg...
# Aim
Our organization had a functional requirement where the name of the CloudWatch Log Group for the Org trail needs to be in a certain format.
# Justification
By creating duplicate Trails across...
3
answers
1
votes
506
views
asked a year agolg...
Hello,
Is it possible to have 2 audit accounts in the same Control Tower. The idea behind this is one audit account to be responsible for some OUs and the "second" audit account to be responsible only...
2
answers
0
votes
939
views
asked a year agolg...
Hi,
I've installed the CfCT solution for customizing the landing zone and it works fine with the example provided. The next step was to enable AWS::ControlTower::EnabledControl for some recommended...
2
answers
0
votes
374
views
asked a year agolg...
Hi there
I'm trying to set up ControlTower. I had a first failure looking pretty much like...
1
answers
0
votes
138
views
asked a year agolg...
We are trying to test the effect of updating the landing zone in our existing accounts from 3.0 to 3.1
When we created a test account, it already used version 3.1.
Is there a way to specify an older...
1
answers
0
votes
242
views
asked a year agolg...
Hello,
We are trying to add a region to our landing zone settings. We wanted to add California as one of our governed zones.
We modified the landing zone set leaving everything the same except...
1
answers
0
votes
710
views
asked a year agolg...
How does an account created via Aws Control Tower "Account factory" differs from the account created via the IAM Identity Center?
1
answers
0
votes
841
views
asked a year agolg...
I want tu set up landing zone, have this msg:
AWS Control Tower failed to set up your landing zone completely: AWS Control Tower cannot deploy the required stack set. To continue, add the AWS...
1
answers
0
votes
202
views
asked a year agolg...
I can see we can apply nist pack from security hub as well as through detective guardrails from control tower. I know detective guardrails are been applied through aws config. But why and what are the...
2
answers
0
votes
476
views
asked a year agolg...
In a control tower environment, is it possible to have the S3 access logs from each account sent to a central bucket in the Log Archive account?
Thanks,
DJ
2
answers
0
votes
599
views
asked a year agolg...