{{#include ../../../../banners/hacktricks-training.md}}
{{#ref}} ../../aws-services/aws-security-and-detection-services/aws-control-tower-enum.md {{#endref}}
To further exploit an account, you might need to disable/enable Control Tower controls:
aws controltower disable-control --control-identifier <arn_control_id> --target-identifier <arn_account>
aws controltower enable-control --control-identifier <arn_control_id> --target-identifier <arn_account>{{#include ../../../../banners/hacktricks-training.md}}