Questions tagged with AWS Control Tower
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
We start using Control Tower via console and it automatically sets security account and sandbox account. And Im using AFT for additional account requests.
Is there any way I can automate the setup of...
2
answers
0
votes
217
views
asked 7 months agolg...
I'm trying to run a Control Tower setup in an account that I've had for years but has little content in it.
The Error I receive is:
AWS Control Tower failed to set up your landing zone completely:...
3
answers
0
votes
453
views
asked 7 months agolg...
What can I do if I tried to redo the Control Tower setup but didn't remove the old audit and log-archive accounts? The setup is locked and can't change the names of the log-archive and audit accounts....
2
answers
0
votes
211
views
asked 7 months agolg...
Hi team.
I have some questions abot vpc flow logs.
1. I have Control Tower, and a Log Archive account with 02 buckets:
aws-controltower-logs-
aws-controltower-s3-access-logs-
By default when Account...
1
answers
0
votes
370
views
asked 7 months agolg...
Hello Team.
I have some questions:
1.- I have Control Tower implemented, this created Log Archive account, where I understand all logs from accounts are stored, rigth?, logs from Cloudtrail, Config...
1
answers
0
votes
411
views
asked 7 months agolg...
Hi Team.
I have implemented Control Tower, Controls (Guardrails) and Conformance Packs for all accounts. After that, I received many sns notifications from email audit account.
I understand that I...
1
answers
0
votes
267
views
asked 7 months agolg...
Hi Team.
I have installed AWS Control Tower, and I see that sns topics were enabled on Audit Account and every account members. Also I see lambda (named notification forwarder) as subscriptor of sns...
1
answers
0
votes
229
views
asked 7 months agolg...
Hello team.
I am enabling controls in Control Tower for OU that contains Shared Account (Log and Audit) and others OUs.
I have enabled this control: Disallow Actions as a Root User, but when the...
1
answers
0
votes
413
views
asked 7 months agolg...
AWS Control Tower Controls - Disallow Changes to Encryption Configuration for Amazon S3 Bucketslg...
Hello.
I have enabled this control Disallow Changes to Encryption Configuration for Amazon S3 Buckets from AWS Control Tower, after that, when I try to create a S3 bucket, I receive this error:...
1
answers
0
votes
219
views
asked 7 months agolg...
Hello.
I am implementing Controls (guardrails) with Control Tower. Per example I have enabled "Disallow Actions as a Root User" in ine OU, so when I try to do something with root user, it is no...
1
answers
0
votes
355
views
asked 7 months agolg...
Hello.
I implemented Control Tower, and according to documentation https://docs.aws.amazon.com/controltower/latest/userguide/how-control-tower-works.html, a AWS Config aggregator named...
3
answers
1
votes
478
views
asked 7 months agolg...
Hi, I am searching for best way how to configure "tags on creation" for the AWS Config logs written by AWS Control Tower.
**Situation:**
* AWS Control Tower is logging all configuration changes....
1
answers
0
votes
256
views
asked 7 months agolg...