Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

In Multi-Account setup, how to grant Service Catalog Portfolio access to IAM Identity center users in different account?

0

Hello - I am using AWS Control Tower and I have a Management Account and a Development Account. I use IAM Identity Center. I have created a AWS Service Catalog Portfolio in my Management Account and I want to share it with users in my Development Account.

I have tried the following 2 options:

  • the "Share" option in the portfolio to share with OU containing the Development Account.
  • providing access to the "role" i.e. the role in IAM that will be assumed when the SSO user logs in. In both cases, when I go to the Development account and try to import the portfolio, I get an error saying "Error: Portfolio xxxxx not found".

Please let me know what I amd doing wrong.

Thanks, Anand

Temas
Gestión y gobiernoSeguridad, identidad y cumplimiento
Etiquetas
AWS OrganizationsAWS Service CatalogCentro de identidad de AWS IAM
Idioma
English
Anand R
preguntada hace 5 meses269 visualizaciones
3 Respuestas
0
Respuesta aceptada

I resolved it. My portfolio was created in a different region than where my Organization home. When I created the portfolio in the same region, it worked.

Anand R
respondido hace 5 meses
0

Have you followed this: https://docs.aws.amazon.com/servicecatalog/latest/adminguide/catalogs_portfolios_sharing_how-to-share.html as sharing depends from who starts and to whom is targeted

profile picture
EXPERTO
Antonio_Lagrotteria
respondido hace 5 meses
0

Thank you Antonio. Yes, I have tried all the methods mentioned in that URL. Sharing through Account ID, Sharing through OU.

Anand R
respondido hace 5 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante