Trusted Advisor dashboard permission issue with management account.
Hi Team,
I'm trying to integrate Trusted advisor dashboard via this documentation. I'm collecting data into an account(not management account) as mentioned here . But issue is I can't access management/payer account due to limited access in organization. Can i apply changes which needs to be done on payer account on individual account manually or any other alternate.
I'm looking to get Trusted Advisor Organizational View reports for each account into S3 and pass into data collection account by script.
Thanks!
- 新しい順
- 投票が多い順
- コメントが多い順
You cannot do changes on the management account from the child account, unless that child account was assigned as a delegated administrator.
Since your goal is to reach S3 data, In my opinion is best to request access to the s3 bucket.
You would need from the payer account modify the s3 bucket policy to allow access https://repost.aws/knowledge-center/cross-account-access-s3
Another option could be cross account s3 replication: https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-walkthrough-2.html
For the two solutions referenced in the links you shared, you need to have access to the management account of the organization. Another option, if you have Business, or Enterprise On-Ramp, or an Enterprise Support plan, you can also leverage AWS Support APIs in individual accounts to refresh and push Trusted Advisor check results to a S3 bucket, and replicate the data from all individual account buckets into a common bucket.
関連するコンテンツ
AWS公式更新しました 10ヶ月前- AWS公式更新しました 4年前
- AWS公式更新しました 4年前
- AWS公式更新しました 2年前
Hi, Thanks for replying. As i mentioned i can't request/access Payer account. S3 copy/replication involves same. After looking into this https://wellarchitectedlabs.com/cost/300_labs/300_optimization_data_collection/1_grant_permissions/, I think Trust advisor dashboard are only achievable by Management account.