Troubleshooting permission set AministratorAccess

0

I have created two Identity Center users - Alan and nikki. I assign Alan to the Management Account, nikki to the account I created - Administration. I assigned AdministratorAccess permission set to both the users in the Management Account and Administration. When I logged in as Alan, I am able to create OU and everything just like root user. But when I logged in as nikki I am not able to create OU.

How do I troubleshoot why nikki is not able to create OU even though she has the same permission set AdministratorAccess as Alan?

1개 답변
0

Hello.

Are there any errors when trying to create an OU using "nikki"?
If a permission error occurs, you can check CloudTrail and see the error.
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events.html

Also, is "nikki" signed into the correct AWS account?
Operations on Organizations OUs are performed using the Organizations root account.
https://docs.aws.amazon.com/organizations/latest/userguide/create_ou.html

profile picture
전문가
답변함 3달 전
  • Yes. I did sign in as nikki. "Operations on Organizations OUs are performed using the Organizations root account.". OK, that is why nikki can't create OU. i looked into CloudTrail and filter by user name "nikki", what evetname should I also filter to find out the errors? The eventnames for nikki are mostly CredentialChallenge, ListProfilesForApplication, Authenticate, Federate etc

  • Yes. I did sign in as nikki. "Operations on Organizations OUs are performed using the Organizations root account.". OK, that is why nikki can't create OU.

    "Alan" and "nikki" cannot create an OU unless they sign in to the same Organizations root AWS account.

    The eventnames for nikki are mostly CredentialChallenge, ListProfilesForApplication, Authenticate, Federate etc

    I think you need to look it up by event name.

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠