AWS IAM Identity Center (SSO) - Assign Group to Organizational Unit
Hi all,
Working on an enterprise architecture/environment, having a huge number of AWS Accounts, We are facing some difficulties to assign Users/Groups to multiple-accounts.
So I'm asking if there is a way to assign Users/Groups to the whole Organizational Unit instead of selecting multiple-accounts each time we need to give access to a new employee/developer ?
Thanks alot
Peter
- Le plus récent
- Le plus de votes
- La plupart des commentaires
As far as I know, we can't specify OU to assign AWS accounts to Users/Groups. You would be able to easily implement it by AWS CLI or SDK.
If AWS CLI, the following commands help you. https://docs.aws.amazon.com/cli/latest/reference/organizations/list-accounts-for-parent.html https://docs.aws.amazon.com/cli/latest/reference/sso-admin/create-account-assignment.html
Possible with a little tweak using “ssoutil::SSO::AssignmentGroup” cloud formation macro from aws-sso-util
Contenus pertinents
- demandé il y a un an
- demandé il y a un mois
AWS OFFICIELA mis à jour il y a un an- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a 8 mois
