search

awslabs / landing-zone-accelerator-on-aws

Deploy a multi-account cloud foundation to support highly-regulated workloads and complex compliance requirements.
https://aws.amazon.com/solutions/implementations/landing-zone-accelerator-on-aws/
Apache License 2.0
565 stars 453 forks source link

Allow us to enable all Strongly recommended and Elective controls #323

Open rvanbutselaar opened 1 year ago

rvanbutselaar commented 1 year ago

Is your feature request related to a problem? Please describe. At this moment we can only enable AWS Control Tower Controls which starts with "AWS-GR", see

Describe the feature you'd like It would be nice if we can also enable all other Strongly recommended and Elective controls.

For example, this is an Elective control which does not start with "AWS-GR":

Screenshot 2023-11-14 at 08 54 08

Albe6089 commented 2 months ago

I am facing the same issue with my current LZA release version 1.9.2. Only the strongly recommended control is working. Even though elective control is supported, I am still encountering the errors below when I enable it. Invalid Control Tower control CT.EC2.PV.1, only strongly recommended or elective Control Tower controls are supported Invalid Control Tower control CT.CLOUDFORMATION.PR.1, only strongly recommended or elective Control Tower controls are supported Invalid Control Tower control CT.EC2.PR.11, only strongly recommended or elective Control Tower controls are supported error Command failed with exit code 1.