Assign Groups From Trusted Domain to IAM Role Not Working

0

Hi

I have set up the AWS Directory Service and have a successful outgoing trust relationship to my on premise AD domain. I can assign permissions within my RDS instances, for example, and log on to them using my local, on premise, AD credentials.
I'm now trying to get AWS Management Console access using our on premise AD credentials working.
I've enabled Management Console access and created an IAM role with a trust relationship to AWS Directory - it shows up in the Delegate Console Access box within DS config.
Problem - when I click on the IAM role and, within Manage users and groups for this role, I choose Add - all I see in the drop-down is my AWS Directory Service AD domain. I can't see my on premise AD domain in order to select Groups from there.
What am I doing wrong, please?

Thanks
STEVE

asked 4 years ago, 232 views
1 Answer
0

Found the problem. The trust relationship needs to be 2-way for Management Console access. I was using a one-way, outbound trust.

Just wish the documentation had been clearer on this point.

answered 4 years ago
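
A way to check for the condition described in the answer above, as an added example that is not part of the original posts: it reads the JSON that `aws ds describe-trusts` returns and lists every trust that is not two-way. The sample data, directory IDs and domain names are constructed, and flagging trusts that are not in the `Verified` state is an assumption added here, not something the thread states.

```python
import json
import sys

# Constructed sample shaped like `aws ds describe-trusts` output (not real data).
SAMPLE = """
{"Trusts": [
  {"DirectoryId": "d-EXAMPLE0001", "TrustId": "t-EXAMPLE0001",
   "RemoteDomainName": "corp.example.com", "TrustType": "Forest",
   "TrustDirection": "One-Way: Outgoing", "TrustState": "Verified"},
  {"DirectoryId": "d-EXAMPLE0002", "TrustId": "t-EXAMPLE0002",
   "RemoteDomainName": "lab.example.com", "TrustType": "Forest",
   "TrustDirection": "Two-Way", "TrustState": "Verified"},
  {"DirectoryId": "d-EXAMPLE0003", "TrustId": "t-EXAMPLE0003",
   "RemoteDomainName": "old.example.com", "TrustType": "External",
   "TrustDirection": "Two-Way", "TrustState": "VerifyFailed"}
]}
"""

def console_delegation_blockers(describe_trusts_json):
    """Return (remote_domain, reason) for each trust that would keep the
    remote domain's groups out of the console role-assignment picker."""
    blockers = []
    for trust in json.loads(describe_trusts_json).get("Trusts", []):
        domain = trust.get("RemoteDomainName", "<unknown>")
        direction = trust.get("TrustDirection", "<missing>")
        state = trust.get("TrustState", "<missing>")
        if direction != "Two-Way":
            # The case from this thread: a one-way trust is not enough.
            blockers.append((domain, f"trust is '{direction}', needs 'Two-Way'"))
        elif state != "Verified":
            # Assumption added here: an unverified trust is also flagged.
            blockers.append((domain, f"trust state is '{state}', not 'Verified'"))
    return blockers

if __name__ == "__main__":
    # Pipe real CLI output in, or run with no stdin to use the sample.
    raw = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for domain, reason in console_delegation_blockers(raw):
        print(f"{domain}: {reason}")
```

To run it against a real directory, pipe the output of `aws ds describe-trusts --directory-id <your-directory-id>` into the script.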
