- 最新
- 最多得票
- 最多評論
Hi There
From https://docs.aws.amazon.com/controltower/latest/userguide/troubleshooting.html#enrollment-failed
In this case, you must take two recovery steps before you can proceed with enrolling your existing account. First, you must terminate the Account Factory provisioned product through the AWS Service Catalog console. Next, you must use the AWS Organizations console to manually move the account out of the OU and back to the root. After that is done, create the AWSControlTowerExecution role in the account, and then fill in the Enroll account form again.
Since you already have the account in the root, try to create a new temporary OU outside of Control Tower through Organizations, move the failed account into that OU, then register the OU with CT to perform the enrollment. That will start the enrollment process again.
https://docs.aws.amazon.com/controltower/latest/userguide/importing-existing.html
Hi Matt, I was able to create a new OU and move the failed account to this OU in AWS organizations. In CT I then registered the OU, the account enrolled successfully. I then moved it to the correct OU, in AWS Organizations and then updated the account via CT. It was enrolled successfully in correct OU.
Thanks for your help. Declan
相關內容
- 已提問 6 個月前
- 已提問 1 年前
AWS 官方已更新 7 個月前
Hi Matt, thanks for your reply. How do I then get the account into the OU where I want it to live? Can I move it to another OU whichis already registered in CT?
Thanks, D