By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

In Multi-Account setup, how to grant Service Catalog Portfolio access to IAM Identity center users in different account?

0

Hello - I am using AWS Control Tower and I have a Management Account and a Development Account. I use IAM Identity Center. I have created a AWS Service Catalog Portfolio in my Management Account and I want to share it with users in my Development Account.

I have tried the following 2 options:

  • the "Share" option in the portfolio to share with OU containing the Development Account.
  • providing access to the "role" i.e. the role in IAM that will be assumed when the SSO user logs in. In both cases, when I go to the Development account and try to import the portfolio, I get an error saying "Error: Portfolio xxxxx not found".

Please let me know what I amd doing wrong.

Thanks, Anand

Topics
Management & GovernanceSecurity, Identity, & Compliance
Tags
AWS OrganizationsAWS Service CatalogAWS IAM Identity Center
Language
English
Anand R
asked 5 months ago253 views
3 Answers
0
Accepted Answer

I resolved it. My portfolio was created in a different region than where my Organization home. When I created the portfolio in the same region, it worked.

Anand R
answered 5 months ago
0

Have you followed this: https://docs.aws.amazon.com/servicecatalog/latest/adminguide/catalogs_portfolios_sharing_how-to-share.html as sharing depends from who starts and to whom is targeted

profile picture
EXPERT
Antonio_Lagrotteria
answered 5 months ago
0

Thank you Antonio. Yes, I have tried all the methods mentioned in that URL. Sharing through Account ID, Sharing through OU.

Anand R
answered 5 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content