New account creation gives error via Control Tower Account factory console but works from Service Catalog console.

0

Got an issue where Control Tower Account Factory could not create new account and error received was "AWS Control Tower cannot enrol the account. There's an error in the provisioned product in AWS Service Catalog: Specified ProvisioningArtifactId does not exist: pa-kckebjcahx3gi".

I checked in Service Catalog and can see that sso user is already added under "Access" starting as "aws-reserved/sso.amazonaws.com/AWSReservedSSO_AWSAdministratorAccessxxxxxxxxx" (this was used to login into the account)

Account gets vended via Service Calatog console successfully. The above error comes only via account factory console. Any idea what is missing and why account creation does not work via Account Factory Console?

I read other repost similar articles but was not much helpful.

1 個回答
0

one of the reason is if you login as root, it will not allow you to create accounts. If you login as IAM/ Identity center user, you should be able to create accounts using account factory.

AWS
已回答 3 個月前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南