如何将 AWS Organizations 下的 aws 账户注册到 Control Tower 创建的 OU
[英]How to enroll aws accounts under AWS Organizations into a Control Tower created OU
问题描述
I want to enroll 2 aws accounts which are created in an aws organization under lets say Root Account 1 into the Organization Units created by Control Tower in Root Account 2.
我想将在 aws 组织中创建的 2 个 aws 帐户注册到根帐户 2 中控制塔创建的组织单元中,例如根帐户 1。
The main problem here is that the two root accounts are totally different accounts and they are not linked to each other in any way.这里的主要问题是这两个 root 帐户是完全不同的帐户,并且它们没有以任何方式相互关联。
1 个解决方案
解决方案1
1 2022-07-14 13:53:08
An AWS Organization always has exactly one management account . AWS 组织始终只有一个管理账户。 The management account is the one hosting the AWS Organization, and also the account that you have to call all AWS Organizations API operations on.管理账户是托管 AWS Organization 的账户,也是您必须调用所有 AWS Organizations API 操作的账户。
Control Tower is an AWS Service that orchestrates AWS Organizations and a bunch of other AWS services for you as a convenient starting point for basic landing zone needs. Control Tower 是一项 AWS 服务,它为您协调 AWS Organizations 和一系列其他 AWS 服务,作为基本登陆区需求的便捷起点。 AWS Control Tower itself can be hosted on another account than the management account. AWS Control Tower 本身可以托管在管理账户之外的另一个账户上。
The scenario you describe sounds like Root Account 1 is the management account, so even though control tower (from account 2) created the OU, it created them in the AWS Organization management account (account 1).您描述的场景听起来像根账户 1 是管理账户,因此即使控制塔(来自账户 2)创建了 OU,它也在 AWS 组织管理账户(账户 1)中创建了它们。 So enrolling additional accounts in the organization (account 1) via control tower (account 2) should not be a problem at all.因此,通过控制塔(帐户 2)在组织中注册其他帐户(帐户 1)根本不成问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.