1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Hi as Manny_A mentioned, an AFT account request will create an Administrator user in Identity Centre(SSO) for the new account (This is actually a built in feature of Control Tower). However that's the only thing it will do.
To configure other users, groups, or permission sets for Accounts in your Organization, you will have to create separate code to achieve this. You will execute the code against the Org Management account (where Identity Centre is). Or if you have delegated that to another account, it will be there.
回答済み 7ヶ月前
関連するコンテンツ
- 質問済み 6年前
- AWS公式更新しました 1年前
- AWS公式更新しました 3年前
SSO separate config is not needed as long as proper parameters are in place. See https://github.com/aws-ia/terraform-aws-control_tower_account_factory/blob/main/sources/aft-customizations-repos/aft-account-request/examples/account-request.tf as a sample tf file for account provisioning with SSO parameters included.