For the most recent update on ongoing service disruptions affecting the AWS Middle East (UAE) Region (ME-CENTRAL-1), refer to the AWS Health Dashboard. For information on AWS Service migration, see How do I migrate my services to another region?
All Content tagged with AWS Control Tower
AWS Control Tower provides the easiest way to set up and govern a secure, multi-account AWS environment, called a landing zone.
Content language: English
Filter content
Select tags to filter
Sort by
Sort by most recent
337 results
Recently I hit an error similar to a [recent issue](https://repost.aws/questions/QU7YS8sPTFTD65xKenzbCFag/account-lambda-memory-limit-stuck-at-3008) where my new accounts are hitting a memory limit on...
Ram PatelEXPERT
published a month ago5 votes288 views
This comprehensive guide will help to validate LZA configuration files locally. One of the significant pain points for users of LZA is the waiting time for the pipeline to run. This solution lets user...
I am trying to decommission an AWS Control Tower Landing Zone, but the process fails with the following error:
AWS Control Tower has failed to decommission your landing zone.
An error occurred while ...
Hi all
I am encountering a `Bucket access denied` error in the `aws-controltower-BaselineCloudTrail` cloudtrail, specifically affecting only a subset of member accounts. While several other accounts ...
asked 2 months ago
Ramu VaranasiEXPERT
published 3 months ago0 votes438 views
When using Amazon Bedrock with inference profiles in an AWS environment restricted by Control Tower, you may encounter challenges accessing required regions. This article explains how to maintain secu...
**Background**: AWS Control Tower was deployed in an existing AWS Organization with 100s of AWS account. The AWSControlTowerExecution role was rolled out in bulk using AWS CloudFormation stackset in d...
asked 3 months ago
I tried following the steps: herehttps://repost.aws/questions/QUx25XcQFaQNic0VkqCu3bBw/how-can-i-properly-modify-a-bucket-managed-by-control-tower
However, after creating this role to assume and assi...
Matt BarbieriEXPERT
published 3 months ago0 votes494 views
AWS Control Tower blocks direct modifications to the log archive bucket policy to protect audit logs. While you can bypass this using the AWSControlTowerExecution role, this risks drift detection, pol...
**Problem:**
I have an S3 bucket that was created and is managed by AWS Control Tower
**Solution:**
I need a solution that will allow me to modify the bucket just to change some of the S3 bucket poli...
What's the best way to achieve this?
**Problem:** I have a situation where I have an external service that is ingesting logs from conrol tower s3 bucket, previously, It was recommended by one o repl...
**Problem**:
I have a AWS environment that utilizes Control Tower, it previously automatically created a Log Archive Account. Within this account.
I need to modify the existing Control Tower S3 buck...