AWS Private CA shared with another account via AWS RAM not available for selection in the target service (ECS)

For reference, I used this guide on sharing my Private CA, which leverages AWS Resource Access Manager (RAM): https://repost.aws/knowledge-center/acm-share-pca-with-another-account

I have successfully shared the Private CA and can see it in the other account; however, when I go to the service I want to use it with (ECS), I do not see it in the drop-down for Service Connect. It shows up perfectly fine in the primary account that it is being shared from. Both accounts are part of the same organization. Both accounts have an IAM role with the required IAM policies attached.

I have opened a case with AWS; they are still reviewing it, but the support agent did confirm they are able to replicate the issue. Has anyone else experienced this and found a workaround?

Here is the ECS UI where I expect to see it: [image: ECS Service Connect config missing shared PCA]

Here is the Private CA dashboard where I can see that it's shared from the primary account: [image: Account B showing the shared PCA]

1 Answer

Hello.

I have never set up Service Connect using another account's PrivateCA, but how about configuring it from the AWS CLI?
If the service has already been created in the ECS cluster, you can specify the PrivateCA ARN in "serviceConnectConfiguration" using the "update-service" command.
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecs/update-service.html

It can also be configured when creating a service within an ECS cluster.
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/create-service-connect.html

EXPERT
answered 2 months ago
  • Thanks, Riku. I've seen the documentation for doing this via the CLI and am planning on testing this. I was just hoping to get it working via the GUI. Looks like I'll have to go this route after all.
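
The CLI route suggested in the answer above, sketched as an added example that is not part of the original posts: it builds the "serviceConnectConfiguration" document with the shared CA's ARN under `tls.issuerCertificateAuthority.awsPcaAuthorityArn` and passes it to `update-service`. The function names are hypothetical, and the cluster, service, namespace, port name and every ARN are placeholders you supply; the TLS role is assumed to already exist in the account that runs the service.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; all inputs are placeholders.

# Succeeds only if $1 is syntactically an AWS Private CA ARN.
is_pca_arn() {
  printf '%s\n' "$1" | grep -Eq \
    '^arn:aws[a-z-]*:acm-pca:[a-z0-9-]+:[0-9]{12}:certificate-authority/[0-9a-f-]{36}$'
}

# Prints the owning account ID of an ARN (fifth colon-separated field).
arn_account() { printf '%s\n' "$1" | cut -d: -f5; }

# Prints the serviceConnectConfiguration JSON for one TLS-enabled service.
# Args: namespace port_name pca_arn tls_role_arn
# port_name must match a named port mapping in the task definition.
build_sc_config() {
  is_pca_arn "$3" || { echo "not a Private CA ARN: $3" >&2; return 1; }
  cat <<EOF
{
  "enabled": true,
  "namespace": "$1",
  "services": [
    {
      "portName": "$2",
      "tls": {
        "issuerCertificateAuthority": { "awsPcaAuthorityArn": "$3" },
        "roleArn": "$4"
      }
    }
  ]
}
EOF
}

# Applies the configuration to an existing service (needs AWS credentials).
# Args: cluster service namespace port_name pca_arn tls_role_arn
apply_sc_config() {
  sc_cluster="$1"; sc_service="$2"; shift 2
  sc_cfg="$(build_sc_config "$@")" || return 1
  # A CA account that differs from the role's account is the RAM-shared case.
  echo "CA account: $(arn_account "$3"), role account: $(arn_account "$4")" >&2
  aws ecs update-service --cluster "$sc_cluster" --service "$sc_service" \
    --service-connect-configuration "$sc_cfg"
}
```

Nothing runs until `apply_sc_config` is called with the six arguments; `build_sc_config` alone can be used to inspect the JSON before it is sent.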
