AWS Control Tower setup failed


I'm working on setting up a Multi-Account AWS Landscape using AWS Control Tower - primarily Root --> Core --> Audit, Archive; Root --> Custom --> Network, Security, QA and Prod Management Account.

I was able to successfully set up the Audit, Archive, Network and Security accounts; however, enrolling the QA and Prod accounts failed for the reasons below. I followed the same steps for setting up the Network, Security, QA and Prod accounts.

QA Account Error:

AWS Control Tower could not enroll your account for the following reason: AWS Control Tower setup failed. Be sure your account is subscribed to the AWS EC2 service, then try again. If this error persists, contact AWS Support.

Prod Account Error:

AWS Control Tower could not enroll your account for the following reason: AWS Control Tower detects that your enrolled account has been moved to a new organizational unit. The account is in an inconsistent state and you may incur unintended charges. To continue, terminate the account in AWS Service Catalog and enroll it again. If the move was not intended, return the account to its original OU and update the account from AWS Service Catalog.


There are 2 best solutions below

0
On

Regarding this error, "Be sure your account is subscribed to the AWS EC2 service, then try again. If this error persists, contact AWS Support", which I received when migrating to my Organisation using Control Tower: I resolved it by force-updating my billing preferences, adding a dot to my address line and re-verifying my credit card. Seems odd, but I found this solution elsewhere and it worked for me!

1
On

Huge time gap between the issue and my recommendation; still putting it out there thinking it might help someone...

aws cloudformation delete-stack-instances \
    --stack-set-name AWSControlTowerBP-BASELINE-CONFIG \
    --accounts $LOGACCOUNTID $DELEGATEACCOUNTID \
    --regions $REGION1 $REGION2 \
    --no-retain-stacks

Retry again; it will get through and create the tower, then you can