Account created via control tower not shown

Question

Using control tower I set up an account calling it $account-name and I saw from cloudtrail that the creation properly started, but I can't seem to find it anywhere.
I can see the other accounts I created with no problems, but if I'm not finding $account-name anywhere and if I try to create an account with the same name, the creation fails telling me "A stack named $account-name already exists"

The issue is that calling both `aws organizations list-accounts` and `aws organizations list-create-account-status`, $account-name is not listed and therefore I can't delete the stack and recreate it.

Has this happened to anyone else? Where can I find the account stack to delete it and recreate it?

Answer

Did you use Account Factory within Control Tower to create the account? If so you can verify the status of the account in AWS Service Catalog under Provisioned products list.

Answer

The word "stack" generally would refer to CloudFormation stacks so that would be the first place I would check.

It would be in the Control Tower management account. It's possible that a CloudFormation stack was created to help provision some of the Control Tower resources for the account, but something failed along the way.

It's strange that you don't see the account on the organizations page, though. I would also try to recover the account using "Forgot Password" with the root user email you selected to determine if the account was created. Perhaps the Cloudformation stacks were created (and failed) before the account was 100% finished leaving the account in a state where it was rolled back (deleted by AWS) but the CloudFormation stacks were not.

Account created via control tower not shown

Contenuto pertinente