Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

"It's not you, it's us" when accepting IAM Identity Center invitation

1

Hello, I was following the tutorial https://aws.amazon.com/getting-started/guides/setup-environment/module-two/ on creating IAM Identity center users. I started it yesterday, created a user, assigned a group, then I received email with invitation. When I clicked I was asked to choose MFA, which I didn't want yet, so I closed the browser tab. Today, I continued the tutorial with adding permission sets to that administrative user. But when I now open the invitation I get: "It's not you, it's us We couldn't complete your request right now, please try again later". Of course, later is no better. So maybe it's me, after all.

  1. How can I recover from that? Should I delete the user and create again?
  2. Is MFA mandatory for administrative users created that way? When the invitation was showing me the MFA options, it was stated that my AWS organization requires MFA. But it was me, who created that AWS organization, so I should be probably able to turn it off. The tutorial implies it's mandatory though.
Themen
Sicherheit, Identität & KonformitätManagement & Unternehmensführung
Tags
AWS IAM IdentitätszentrumAWS Kontoverwaltung
Sprache
English
Piotr
gefragt vor 2 Monaten232 Aufrufe
1 Antwort
1

Hello.

How can I recover from that? Should I delete the user and create again?

Yes, I think it would be easier to recreate it.

Is MFA mandatory for administrative users created that way? When the invitation was showing me the MFA options, it was stated that my AWS organization requires MFA. But it was me, who created that AWS organization, so I should be probably able to turn it off. The tutorial implies it's mandatory though.

I believe that IAM Identity center is set by default to require MFA to be registered at sign-in.
https://docs.aws.amazon.com/singlesignon/latest/userguide/how-to-configure-mfa-device-enforcement.html

If MFA is forced in IAM Identity center, I think the settings in the following document are related.
Please sign in as an administrator and check the settings in the document below.
https://docs.aws.amazon.com/singlesignon/latest/userguide/mfa-getting-started.html

a

It may be possible to resolve the issue by setting it to "Allow them to sign in".
b

profile picture
EXPERTE
Riku_Kobayashi
beantwortet vor 2 Monaten
profile picture
EXPERTE
Giovanni Lauria
überprüft vor 2 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt