create-account-assignment calls fail from CLI, work in console
Hello there -
I'm running into a problem where I'm trying to run aws sso-admin create-account-assignment from a terminal and while the request is accepted, I then run `aws sso-admin describe-account-assignment-creation-status with the returned requestId and eventually the status transitions to "FAILED" with the error message:
{
"AccountAssignmentCreationStatus": {
"Status": "FAILED",
"RequestId": "[REDACTED]",
"FailureReason": "An unexpected internal service exception was encountered",
"TargetId": "[REDACTED]",
"TargetType": "AWS_ACCOUNT",
"PermissionSetArn": "arn:aws:sso:::permissionSet/ssoins-[REDACTED]/ps-[REDACTED]",
"PrincipalType": "GROUP",
"PrincipalId": "[REDACTED]",
"CreatedDate": "2021-09-17T18:20:33.708000-04:00"
}
}
This is when using AWS Access Keys associated with a user in my organizational account. When I attempt to attach the same permission set to the same group and account in the console, the request succeeds.
Has anyone experienced this issue and have an idea what might be going on. Unfortunately, I'm on a basic plan which doesn't include support.
Thanks.
Well, I think I found out what was going on. The account I was attempting to assign a permission set assignment to was the organizational root account. When I switched to another account within my organization it worked fine from the CLI. Not sure why it works when in the in the console though.
This gets me unblocked as I can continue with my experimentations becoming familiar with SSO -- especially as managed via terraform.
Cheers.
Relevant questions
Is there a way to find where a private IP/domain points to?
Accepted Answerasked 3 years agoIs there a way by which we can allow https calls from only aws servers from across another region without VPC peering?
asked 4 months agoCall a stored procedure in Redshift from Glue
Accepted Answerasked 3 years agoTrying to get console.log() calls into a GreenGrass v2 log file
asked a year agocreate-account-assignment calls fail from CLI, work in console
asked 10 months agoExpo build - APK upload fails when using aws-cli command, via GitHub Actions but works from terminal(local)
asked 15 days agoTrying to get console.log() calls into a GreenGrass v2 log file
asked a year agoSyntax error in policy, while running 'iam create-policy', but there is no syntax mistake
Accepted Answerasked 3 months agoQuestion about creating a VPC using the CLI
Accepted Answerasked 2 years agoRun Command Missing from EC2 Console
Accepted Answerasked 2 years ago