Unable to Launch AWS Control tower

Question

Hi, I am trying to test out Control Tower, however, i am not able to get past the initial deployment as i get the following errors, Any ideas on how to rectify this?

Error
AWS Control Tower failed to set up your landing zone completely: AWS Control Tower is not authorized to baseline the VPC in the enrolled account.

Answer

Hello

[From AWS Docs: ](https://docs.aws.amazon.com/controltower/latest/userguide/troubleshooting.html)

Common cause: AWS Control Tower always removes the AWS default VPC during initial provisioning. To have an AWS default VPC in an account, you must add it after account creation. AWS Control Tower has its own default VPC that replaces the AWS default VPC, unless you set up Account Factory the way the walkthrough shows you—-so that AWS Control Tower doesn’t provision a VPC at all. Then the account has no VPC. You’d have to re-add the AWS default VPC if you want to use that one.

However, AWS Control Tower doesn't support the AWS default VPC. Deploying one causes the account to enter a Tainted state. When it is in that state, you cannot update the account through AWS Service Catalog.

Action to take: **You must delete the default VPC that you added**, and then you will be able to update the account.

Unable to Launch AWS Control tower

관련 콘텐츠