Questions tagged with AWS Control Tower
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
I have an organization that's updating its accounts to Control Tower Landing Zone 3.0. As we do so, we're finding that the upgraded accounts fail Security Hub AWS Foundational Security Best Practices...
2
answers
0
votes
654
views
asked a year agolg...
I have already decommissioned AWS tower from ap-northeast-1 and want to reconfigure AWS tower again on the same region ap-northeast-1
But when I setup landing zone again. I received this error...
2
answers
0
votes
446
views
asked 2 years agolg...
Hello,
We just setup AWS Tower on our organization. Everything ran smoothly but we detected a strange policy applied by AWS Tower on the bucket responsible to aggregate Cloudtrail trails from all of...
1
answers
2
votes
253
views
asked 2 years agolg...
Hi,
I created some (5) new accounts via the AWS Organization (which I shouldn't have, should be using the Control Tower) and trying to enroll them into the Control Tower. It was fine for the first 2...
1
answers
0
votes
1850
views
asked 2 years agolg...
We have an existing multi-account environment with the majority of AWS services, so do not need to use Landing Zone Accelerator (LZA) or AWS Control Tower. We use Terraform to build resources within...
2
answers
0
votes
883
views
asked 2 years agolg...
We've recently noticed that the AWS Control Tower control: "Detect whether MFA is enabled for AWS IAM users of the AWS Console" is reporting a false positive result (NON_COMPLIANT) for a user that was...
0
answers
0
votes
127
views
asked 2 years agolg...
I plan to create Landing Zone (Control Tower) for my company. It will create the organization as well. I want to know if I still can join master account Landing Zone to another AWS Partner Org for...
1
answers
0
votes
310
views
asked 2 years agolg...
I am working through the Cloud Environment Guide Workshop in preparation for an upcoming customer Immersion Day. The Control Tower has been deployed with the various best practices recommended by the...
1
answers
0
votes
344
views
asked 2 years agolg...
I am working through a Control Tower workshop, and my understanding from the documentation is that IAM Identity Center (formerly AWS SSO) is where I go to create new users going forward with a Control...
1
answers
0
votes
1120
views
asked 2 years agolg...
Hi,
Actually we try to generate a policy based on CloudTrail events, but we have Control Tower and a centralized bucket for all cloudtrails to all our accounts.
We follow this blog:...
2
answers
0
votes
228
views
asked 2 years agolg...
The issue is our accounts are in control tower environment and in control tower there are no options to add config rules other than Predefined ones, in those predefined ones there is non for security...
2
answers
0
votes
301
views
asked 2 years agolg...
I am getting "Landing zone drift detected" while accessing control tower and cause of this issue is listed as
The core account, Log archive **** was removed from your organization in AWS...
1
answers
0
votes
1309
views
asked 2 years agolg...