Troubleshooting permission set AministratorAccess

0

I have created two Identity Center users - Alan and nikki. I assign Alan to the Management Account, nikki to the account I created - Administration. I assigned AdministratorAccess permission set to both the users in the Management Account and Administration. When I logged in as Alan, I am able to create OU and everything just like root user. But when I logged in as nikki I am not able to create OU.

How do I troubleshoot why nikki is not able to create OU even though she has the same permission set AdministratorAccess as Alan?

1回答
0

Hello.

Are there any errors when trying to create an OU using "nikki"?
If a permission error occurs, you can check CloudTrail and see the error.
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events.html

Also, is "nikki" signed into the correct AWS account?
Operations on Organizations OUs are performed using the Organizations root account.
https://docs.aws.amazon.com/organizations/latest/userguide/create_ou.html

profile picture
エキスパート
回答済み 3ヶ月前
  • Yes. I did sign in as nikki. "Operations on Organizations OUs are performed using the Organizations root account.". OK, that is why nikki can't create OU. i looked into CloudTrail and filter by user name "nikki", what evetname should I also filter to find out the errors? The eventnames for nikki are mostly CredentialChallenge, ListProfilesForApplication, Authenticate, Federate etc

  • Yes. I did sign in as nikki. "Operations on Organizations OUs are performed using the Organizations root account.". OK, that is why nikki can't create OU.

    "Alan" and "nikki" cannot create an OU unless they sign in to the same Organizations root AWS account.

    The eventnames for nikki are mostly CredentialChallenge, ListProfilesForApplication, Authenticate, Federate etc

    I think you need to look it up by event name.

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ