Cloud Custodian
AssumeRole usage with c7n-org #9309
Unanswered
acutis-expeditus
asked this question in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Am using c7n-org to execute policy on all AWS accounts.
Using accounts.yml file for the list of accounts that policy needs to be executed
In accounts.yml file, am using role that's
arm:aws:iam::accountID that I am accessing:role/rolename that has access
That above role when used with custodian command and --assume parameter works fine but doesn't work when passed as role in accounts.yml file for c7n-org run
Output of c7n-org command
Access denied api:AssumeRole policy:my-test-policy account:AccountName region:us-east-2
Beta Was this translation helpful? Give feedback.
All reactions