2回答
- 新しい順
- 投票が多い順
- コメントが多い順
2
Hello,
I have encountered the same error as well and I solved it in this way:
- My IAM Identity Center is located in the Milan region
- The AWS Account in the AWS Organization didn't have the Milan region enabled
- I enabled the Milan region for the AWS Organization account
- I tried to assign the permissions again and then it worked.
Best, Stefano
回答済み 4ヶ月前
1
Hello.
A few things: Ensure the IAM role or user you are using to assign the permission sets has adequate permissions to perform the operation. Make sure it has sso:InstanceAccessControlAttributeConfiguration, sso:PermissionSet, and sso:ManagedPolicy permissions.
Confirm that the trust relationships are set up correctly, and "OrganizationAccountAccessRole" is able to assume the necessary roles across accounts. Cross-account access necessitates that the trusting account (the account being accessed) has a trust policy that allows the accessing (trusted) account to assume a role.
Regards, Andrii