Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso

AWS SSO in Control Tower / Organisations with Systems Manager Run As

0

Have a Control Tower Setup and in main account have set ABAC - SSMSessionRunAs = ${user:name} in AWS SSO. In one of the Workload accounts, I have configured Systems Manager Preferences with "Run As" but with empty user. The expected behaviour is that sessions in System Manager will be created with the AWS user account (not ssm-user). However error "Invalid RunAs username. Set default username in Session Manager Preferences page." is displayed. Of course, if I set the Run As in Systems Manager Preferences to ssm-user the Systems Manager session connects as ssm-user (not the AWS user account). A matching user account has been added to the Linux Amazon OS. It appears the ABAC variable isn't passed through to Systems Manager? The strange thing is this worked yesterday? I have also tried ABAC ${path:userName}.

1 Resposta
1

Hey there,

Sounds like this blog may be exactly what you need.

profile pictureAWS
respondido há 3 anos

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas