1 Answer
- Newest
- Most votes
- Most comments
1
I think Option A is the best one. Create a new multi-account deployment with Control Tower, and then enroll the production account. The mandatory guardrails are unlikely to affect the production workload, as they are designed to protect the Control Tower configurations. What would be recommended is to create a dev environment account within the new environment that replicates production. You could then test the tightening of security configurations and guardrails, before applying them to production
answered 2 years ago
Relevant content
- asked 2 years ago
- asked 3 years ago
- Accepted Answerasked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a year ago