feat: Deploy Control Tower with existing account in Org

[mbevc1]

Is your feature request related to a problem? Please describe. I wonder if there is a reason why installing LZA in an Org with existing (even Suspended) accounts fails the preflight check and errors out.

The only AWS account in the AWS Organization is the management account.

Describe the feature you'd like Install LZA in Org with existing accounts.

Additional context n/a

[richardkeit]

Hey @mbevc1 ,

Have you read this https://docs.aws.amazon.com/solutions/latest/landing-zone-accelerator-on-aws/prerequisites.html#for-aws-control-tower-based-installation ?

I believe this has been a design decision from the LZA team and they've done their best to describe the intended behaviour.

[mbevc1]

Hi @richardkeit .

Thanks for the link and I've seen it. I think the mentioned docs is not explaining the reasoning, which i was interested in, but manually deploying CT seems to get around that check and starts the pipeline - I'll report back if that fails as it's still ongoing :)

[mbevc1]

Seems manual CT deployment and then running works works fine. Just minor tweaks to to config to reflect existing OU/accounts. Perhaps this could be better documented at least :wink: