1 回答
- 最新
- 投票最多
- 评论最多
0
Control tower rolls out Guard rails in these 4 regions.
You can see this e.g. when you look at the Cloudformation StackSets in the CT payer account, like AWSControlTowerBP-BASELINE-CONFIG. This StackSet contains stack instances for every managed accounts in these 4 regions.
If STS is disabled in these regions then CloudFormation cannot assume the right role to deploy the template and therefore your account deployment / baselining will fail.