- 최신
- 최다 투표
- 가장 많은 댓글
I would review what SCP's you have in place in your ORG/OU's https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html
If using control tower, you may have turned on some controls which places SCP's into effect to prevent specific actions. There are mandatory controls inplace https://docs.aws.amazon.com/controltower/latest/userguide/mandatory-controls.html
Here is some documentation which also relates to an SCP to block QuickSight https://docs.aws.amazon.com/quicksight/latest/user/security-scp.html
The error you got is typically caused indeed by SCP.
Suggestion is to access or request the account owner/organization to and, modify the explicit SCP deny by allowing your account for instance to perform the quick sight action.
I am getting the same error, i think this is the issue with AWS account which is in below ARN. That account is owned by AWS and its referred by CFN to get some template. as I dont have anything in us-east-1 and below account is not part of my organisation.
arn:aws:quicksight:us-east-1:223485597511:template/cudos_dashboard_v3 with an explicit deny in a service control policy
관련 콘텐츠
- AWS 공식업데이트됨 7달 전