In Multi-Account setup, how to grant Service Catalog Portfolio access to IAM Identity center users in different account?

0

Hello - I am using AWS Control Tower and I have a Management Account and a Development Account. I use IAM Identity Center. I have created a AWS Service Catalog Portfolio in my Management Account and I want to share it with users in my Development Account.

I have tried the following 2 options:

  • the "Share" option in the portfolio to share with OU containing the Development Account.
  • providing access to the "role" i.e. the role in IAM that will be assumed when the SSO user logs in. In both cases, when I go to the Development account and try to import the portfolio, I get an error saying "Error: Portfolio xxxxx not found".

Please let me know what I amd doing wrong.

Thanks, Anand

Anand R
已提問 5 個月前檢視次數 269 次
3 個答案
0
已接受的答案

I resolved it. My portfolio was created in a different region than where my Organization home. When I created the portfolio in the same region, it worked.

Anand R
已回答 5 個月前
0

Have you followed this: https://docs.aws.amazon.com/servicecatalog/latest/adminguide/catalogs_portfolios_sharing_how-to-share.html as sharing depends from who starts and to whom is targeted

profile picture
專家
已回答 5 個月前
0

Thank you Antonio. Yes, I have tried all the methods mentioned in that URL. Sharing through Account ID, Sharing through OU.

Anand R
已回答 5 個月前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南