- 最新
- 最多得票
- 最多評論
Hello.
In my AWS account, I was able to change the settings from the management console and confirm that they were reflected.
Can you confirm that the "PutAccountSetting" action is recorded in CloudTrail's API history after operating it from the management console?
If the operation is performed normally from the management console, it should be recorded in CloudTrail.
Also, there may be a slight delay in the update being reflected in your browser, so please try refreshing your browser and clearing your cache.
Hello,
Please note that "PutAccountSetting"[1] API will make the account setting changes specific to the Console user where as "put-account-setting-default" cli command (PutAccountSettingDefault API [2]) will modify the account setting for all users on an account for whom no individual account setting has been specified.
As per ECS documentation[3], there is specific way to enable the awsvpcTrunking account setting
Any user can use the PutAccountSettingDefault API to enable all IAM users and roles on an account.
A root user can use the PutAccountSetting API to enable the user or container instance role that will register the instance with the cluster
A container instance role can enable itself when the PutAccountSetting API is run on an instance prior to it being registered with a cluster
As you can see, it is recommended to use root user or container instance role while using PutAccountSetting API from console and I infer that your console role is not root and hence you notice the difference with ECS Console Account settings and aws ecs put-account-setting-default
References: [1] https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html [2] https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html [3] https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-instance-eni.html
Hi Nambinayagan, Thank you for the details. yes you are right, I have followed everything from the documentation and I understand totally. However for some reason it just doesn't work when I enable ENI trunking from from console. I disabled at account level and IAM user level first to make sure, then I enabled it from the console but doesn't really work - then I disabled it from the console and enabled from CLI at account level then it works. I don't know it's really boggling me. I will check once again to make sure I am not missing something here. And of course it will be difficult to help if you cannot recreate the issue from your end.
相關內容
- 已提問 1 年前
AWS 官方已更新 2 年前
Hi Riku, Thank you for the reply. Yes "PutAccountSettings" is being recorded on CloudTrail, however still not working when I try with a new incognito window.