I'm trying to create an AWS Control Tower landing zone for my AWS organization, and am getting a message saying You must unsubscribe your organization from AWS CloudTrail so that AWS Control Tower can proceed. During the setup process, AWS Control Tower creates a new trail in the audit account that's part of your landing zone. How do I do this? Does this mean stopping all CloudTrail trails from sending logs, or is there an organization-wide setting to disable?
How do I unsubscribe my AWS organization from CloudTrail?
2.7k Views Asked by Celina At
1
There are 1 best solutions below
Related Questions in AMAZON-WEB-SERVICES
- Is curator's persistent ephemeral nodes just regular ephemeral with retries?
- IPython MPI with a Machinefile
- Prevent RabbitMQ erl_crash.dump files?
- Hazelcast 3.3 - EntryProcessor is accessing "non-local" keys
- Java RMI Compute Engine
- Data division on Addition of node to distributed System
- Shuffled vs non-shuffled coalesce in Apache Spark
- Accessing data on distributed database on OrientDB
- Leverage Round Robin DNS for image transfer
- MPI Allreduce error on MPICH 3.1.5 on ARMv7
Related Questions in AMAZON-CLOUDTRAIL
- Is curator's persistent ephemeral nodes just regular ephemeral with retries?
- IPython MPI with a Machinefile
- Prevent RabbitMQ erl_crash.dump files?
- Hazelcast 3.3 - EntryProcessor is accessing "non-local" keys
- Java RMI Compute Engine
- Data division on Addition of node to distributed System
- Shuffled vs non-shuffled coalesce in Apache Spark
- Accessing data on distributed database on OrientDB
- Leverage Round Robin DNS for image transfer
- MPI Allreduce error on MPICH 3.1.5 on ARMv7
Related Questions in AWS-ORGANIZATIONS
- Is curator's persistent ephemeral nodes just regular ephemeral with retries?
- IPython MPI with a Machinefile
- Prevent RabbitMQ erl_crash.dump files?
- Hazelcast 3.3 - EntryProcessor is accessing "non-local" keys
- Java RMI Compute Engine
- Data division on Addition of node to distributed System
- Shuffled vs non-shuffled coalesce in Apache Spark
- Accessing data on distributed database on OrientDB
- Leverage Round Robin DNS for image transfer
- MPI Allreduce error on MPICH 3.1.5 on ARMv7
Related Questions in AWS-CONTROL-TOWER
- Is curator's persistent ephemeral nodes just regular ephemeral with retries?
- IPython MPI with a Machinefile
- Prevent RabbitMQ erl_crash.dump files?
- Hazelcast 3.3 - EntryProcessor is accessing "non-local" keys
- Java RMI Compute Engine
- Data division on Addition of node to distributed System
- Shuffled vs non-shuffled coalesce in Apache Spark
- Accessing data on distributed database on OrientDB
- Leverage Round Robin DNS for image transfer
- MPI Allreduce error on MPICH 3.1.5 on ARMv7
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
AWS Control Tower needs trusted access to be disabled for both Cloudtrail and Config. To disable this you need to login into the Organization management account, and go to AWS Organizations > Services > Disable Config/Cloudtrail.
Trusted access enabled at an Organization level enables these services to inject service roles in all member accounts where they need to change something. Disabling this for Cloudtrail would result in the Organization trail not working anymore, however the master trail would still be intact. All shadow trails in member accounts would be disabled. AWS still allows you to search/filter/download cloudtrail management events in each of the member accounts for last 90 days, just that they wouldn't be transferred to a central s3 bucket for storage.