使用AWS re:Post即您表示您同意 AWS re:Post 使用条款

AWS SSO in Control Tower / Organisations with Systems Manager Run As

0

Have a Control Tower Setup and in main account have set ABAC - SSMSessionRunAs = ${user:name} in AWS SSO. In one of the Workload accounts, I have configured Systems Manager Preferences with "Run As" but with empty user. The expected behaviour is that sessions in System Manager will be created with the AWS user account (not ssm-user). However error "Invalid RunAs username. Set default username in Session Manager Preferences page." is displayed. Of course, if I set the Run As in Systems Manager Preferences to ssm-user the Systems Manager session connects as ssm-user (not the AWS user account). A matching user account has been added to the Linux Amazon OS. It appears the ABAC variable isn't passed through to Systems Manager? The strange thing is this worked yesterday? I have also tried ABAC ${path:userName}.

1 回答
1

Hey there,

Sounds like this blog may be exactly what you need.

profile pictureAWS
已回答 3 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则