This CloudFormation can be used to move AWS accounts between Lacework tenant/sub-accounts in bulk. This move occurs on the Lacework side only and does no impact the accounts on the AWS side. Simply specify the source and destination Lacework tenant/sub-account and then optionally specify the list of AWS accounts to move. Leave the list of AWS accounts blank to move all of the accounts.
-
Click on the following Launch Stack button to go to your CloudFormation console and launch the AWS Control Integration template.
For most deployments, you only need the Basic Configuration parameters.
Specify the following Basic Configuration parameters:- Enter a Stack name for the stack.
- Enter Your Lacework URL.
- Enter your Organization Admin Lacework Access Key ID and Secret Key that you copied from your API Keys file. See here.
- Enter the From Lacework Tenant/Sub-account Name that currently has the accounts.
- Enter the To Lacework Tenant/Sub-account Name where you want to move the accounts to.
- Enter the AWS Accounts as a comma-separated list of AWS Accounts IDs or leave blank to move all of the accounts.
-
Click Next through to your stack Review.
-
Accept the AWS CloudFormation terms and click Create stack.