aws cloud formation create env using account idAWS Cloud formation output templatesAWS Cloud Formation Elastic Load Balancing Account IDCreate a policy cloud formationHow to write a policy for a bucket in cloud templateHow to create cloud formation using IAM roles in AWS Java SDK?Cloud Formation refuses to create subnetCross account S3 access through CloudFormation CLiAWS CloudFormation: How to specify a bucket from another AWS account for Lambda code?Managed policy for a role in an AWS cloud formation stackIs it possible to change the Logical ID of an RDS instance in a Cloud Formation script?
Do intermediate subdomains need to exist?
Taking advantage when the HR forgets to communicate the rules
How to figure out layers of the atmosphere?
What happens if the limit of 4 billion files was exceeded in an ext4 partition?
Chess problem: Make a crossword in 3 moves
How to respond to someone who condemns behavior similar to what they exhibit?
How to deal with administrative duties killing the research spirit?
What is the difference between a historical drama and a period drama?
Does Evolution Sage proliferate Blast Zone when played?
Do I need to be legally qualified to install a Hive smart thermostat?
How can one synthesise a conjugated alkyne chain?
Can a wizard delay learning new spells from leveling up to learn different spells later?
Milky way is orbiting around?
How to travel between two stationary worlds in the least amount of time? (time dilation)
What is meant by perfect, imperfect consonance and dissonance?
Convenience stores in India
Machine Learning Golf: Multiplication
When can a Barbarian, who has just levelled up, use the additional Rage gained from that level?
What is the maximum amount of diamond in one Minecraft game?
What/Where usage English vs Japanese
Why did C++11 make std::string::data() add a null terminating character?
What is meaning of 4 letter abbreviations in Roman names like Titus Flavius T. f. T. n. Sabinus?
Why would "dead languages" be the only languages that spells could be written in?
Has there ever been a cold war other than between the U.S. and the U.S.S.R.?
aws cloud formation create env using account id
AWS Cloud formation output templatesAWS Cloud Formation Elastic Load Balancing Account IDCreate a policy cloud formationHow to write a policy for a bucket in cloud templateHow to create cloud formation using IAM roles in AWS Java SDK?Cloud Formation refuses to create subnetCross account S3 access through CloudFormation CLiAWS CloudFormation: How to specify a bucket from another AWS account for Lambda code?Managed policy for a role in an AWS cloud formation stackIs it possible to change the Logical ID of an RDS instance in a Cloud Formation script?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I have a AWS account created under an Organization. Say Account ID : 12345. It is a parent account. Now i have new Role created, Say Account ID : 67890. I have switched my role from parent account to the new one. But when i execute the cloud formation template from AWS cli. It is still trying to create env in my parent account (i.e,12345) instead of the new account.
My question is - How can i execute/create env using CFT from AWS Cli in my new account (ie, 67890) ? or is there a way to specify Account id in which the env should be created ?
amazon-web-services amazon-cloudformation
asked Mar 25 at 18:40
BacktrackBacktrack
5,8473 gold badges35 silver badges82 bronze badges
add a comment |
I have a AWS account created under an Organization. Say Account ID : 12345. It is a parent account. Now i have new Role created, Say Account ID : 67890. I have switched my role from parent account to the new one. But when i execute the cloud formation template from AWS cli. It is still trying to create env in my parent account (i.e,12345) instead of the new account.
My question is - How can i execute/create env using CFT from AWS Cli in my new account (ie, 67890) ? or is there a way to specify Account id in which the env should be created ?
amazon-web-services amazon-cloudformation
asked Mar 25 at 18:40
BacktrackBacktrack
5,8473 gold badges35 silver badges82 bronze badges
add a comment |
I have a AWS account created under an Organization. Say Account ID : 12345. It is a parent account. Now i have new Role created, Say Account ID : 67890. I have switched my role from parent account to the new one. But when i execute the cloud formation template from AWS cli. It is still trying to create env in my parent account (i.e,12345) instead of the new account.
My question is - How can i execute/create env using CFT from AWS Cli in my new account (ie, 67890) ? or is there a way to specify Account id in which the env should be created ?
amazon-web-services amazon-cloudformation
asked Mar 25 at 18:40
BacktrackBacktrack
5,8473 gold badges35 silver badges82 bronze badges
I have a AWS account created under an Organization. Say Account ID : 12345. It is a parent account. Now i have new Role created, Say Account ID : 67890. I have switched my role from parent account to the new one. But when i execute the cloud formation template from AWS cli. It is still trying to create env in my parent account (i.e,12345) instead of the new account.
My question is - How can i execute/create env using CFT from AWS Cli in my new account (ie, 67890) ? or is there a way to specify Account id in which the env should be created ?
amazon-web-services amazon-cloudformation
amazon-web-services amazon-cloudformation
asked Mar 25 at 18:40
BacktrackBacktrack
5,8473 gold badges35 silver badges82 bronze badges
asked Mar 25 at 18:40
BacktrackBacktrack
5,8473 gold badges35 silver badges82 bronze badges
asked Mar 25 at 18:40
BacktrackBacktrack
5,8473 gold badges35 silver badges82 bronze badges
asked Mar 25 at 18:40
BacktrackBacktrack
5,8473 gold badges35 silver badges82 bronze badges
asked Mar 25 at 18:40
BacktrackBacktrack
5,8473 gold badges35 silver badges82 bronze badges
5,8473 gold badges35 silver badges82 bronze badges
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
You most likely forgot to configure your AWS CLI to use credentials from the linked account. You may create a new profile and specify it when you run the CLI command. Example:
aws configure --profile=account2
aws --profile=account2 cloudformation create-stack ...
If you are unable to setup an IAM credential on Account2, you may try to setup CLI to use the cross-account role you already have. You'll need to manually add the following block to your ~/.aws/config file:
[profile account2]
role_arn = arn:aws:iam::123456789012:role/account2role
source_profile = account1
Replace 123456789012 and account2role with their corresponding values.
answered Mar 25 at 18:47
jweyrichjweyrich
25.1k4 gold badges54 silver badges88 bronze badges
But the problem is - both the Account1 and Account2 has the same credentials. What i do is, Login to Account 1 and click switch role and go to Account 2 and create AWS resource.
– Backtrack
Mar 25 at 18:53
I could execute the CFT in AWS console after switching to Account2. But from AWS cli i could not.
– Backtrack
Mar 25 at 18:54
2 accounts don't share the same IAM credentials. You need to create an IAM user in Account2 and generate credentials (AccessKey/SecretAccessKey) for it, then configure your AWS CLI as suggested.
– jweyrich
Mar 25 at 18:56
Logged in as: backtrack Account: 12345 Currently active as: backtrackDev Account: 67890 I do not have privileges to create iam user :(
– Backtrack
Mar 25 at 19:03
@Backtrack: updated the answer. Please, try the suggestion and let me know.
– jweyrich
Mar 25 at 19:13
|
show 1 more comment
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55344472%2faws-cloud-formation-create-env-using-account-id%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You most likely forgot to configure your AWS CLI to use credentials from the linked account. You may create a new profile and specify it when you run the CLI command. Example:
aws configure --profile=account2
aws --profile=account2 cloudformation create-stack ...
If you are unable to setup an IAM credential on Account2, you may try to setup CLI to use the cross-account role you already have. You'll need to manually add the following block to your ~/.aws/config file:
[profile account2]
role_arn = arn:aws:iam::123456789012:role/account2role
source_profile = account1
Replace 123456789012 and account2role with their corresponding values.
answered Mar 25 at 18:47
jweyrichjweyrich
25.1k4 gold badges54 silver badges88 bronze badges
But the problem is - both the Account1 and Account2 has the same credentials. What i do is, Login to Account 1 and click switch role and go to Account 2 and create AWS resource.
– Backtrack
Mar 25 at 18:53
I could execute the CFT in AWS console after switching to Account2. But from AWS cli i could not.
– Backtrack
Mar 25 at 18:54
2 accounts don't share the same IAM credentials. You need to create an IAM user in Account2 and generate credentials (AccessKey/SecretAccessKey) for it, then configure your AWS CLI as suggested.
– jweyrich
Mar 25 at 18:56
Logged in as: backtrack Account: 12345 Currently active as: backtrackDev Account: 67890 I do not have privileges to create iam user :(
– Backtrack
Mar 25 at 19:03
@Backtrack: updated the answer. Please, try the suggestion and let me know.
– jweyrich
Mar 25 at 19:13
|
show 1 more comment
You most likely forgot to configure your AWS CLI to use credentials from the linked account. You may create a new profile and specify it when you run the CLI command. Example:
aws configure --profile=account2
aws --profile=account2 cloudformation create-stack ...
If you are unable to setup an IAM credential on Account2, you may try to setup CLI to use the cross-account role you already have. You'll need to manually add the following block to your ~/.aws/config file:
[profile account2]
role_arn = arn:aws:iam::123456789012:role/account2role
source_profile = account1
Replace 123456789012 and account2role with their corresponding values.
answered Mar 25 at 18:47
jweyrichjweyrich
25.1k4 gold badges54 silver badges88 bronze badges
But the problem is - both the Account1 and Account2 has the same credentials. What i do is, Login to Account 1 and click switch role and go to Account 2 and create AWS resource.
– Backtrack
Mar 25 at 18:53
I could execute the CFT in AWS console after switching to Account2. But from AWS cli i could not.
– Backtrack
Mar 25 at 18:54
2 accounts don't share the same IAM credentials. You need to create an IAM user in Account2 and generate credentials (AccessKey/SecretAccessKey) for it, then configure your AWS CLI as suggested.
– jweyrich
Mar 25 at 18:56
Logged in as: backtrack Account: 12345 Currently active as: backtrackDev Account: 67890 I do not have privileges to create iam user :(
– Backtrack
Mar 25 at 19:03
@Backtrack: updated the answer. Please, try the suggestion and let me know.
– jweyrich
Mar 25 at 19:13
|
show 1 more comment
You most likely forgot to configure your AWS CLI to use credentials from the linked account. You may create a new profile and specify it when you run the CLI command. Example:
aws configure --profile=account2
aws --profile=account2 cloudformation create-stack ...
If you are unable to setup an IAM credential on Account2, you may try to setup CLI to use the cross-account role you already have. You'll need to manually add the following block to your ~/.aws/config file:
[profile account2]
role_arn = arn:aws:iam::123456789012:role/account2role
source_profile = account1
Replace 123456789012 and account2role with their corresponding values.
answered Mar 25 at 18:47
jweyrichjweyrich
25.1k4 gold badges54 silver badges88 bronze badges
You most likely forgot to configure your AWS CLI to use credentials from the linked account. You may create a new profile and specify it when you run the CLI command. Example:
aws configure --profile=account2
aws --profile=account2 cloudformation create-stack ...
If you are unable to setup an IAM credential on Account2, you may try to setup CLI to use the cross-account role you already have. You'll need to manually add the following block to your ~/.aws/config file:
[profile account2]
role_arn = arn:aws:iam::123456789012:role/account2role
source_profile = account1
Replace 123456789012 and account2role with their corresponding values.
answered Mar 25 at 18:47
jweyrichjweyrich
25.1k4 gold badges54 silver badges88 bronze badges
edited Mar 25 at 19:28
answered Mar 25 at 18:47
jweyrichjweyrich
25.1k4 gold badges54 silver badges88 bronze badges
answered Mar 25 at 18:47
jweyrichjweyrich
25.1k4 gold badges54 silver badges88 bronze badges
answered Mar 25 at 18:47
jweyrichjweyrich
25.1k4 gold badges54 silver badges88 bronze badges
25.1k4 gold badges54 silver badges88 bronze badges
But the problem is - both the Account1 and Account2 has the same credentials. What i do is, Login to Account 1 and click switch role and go to Account 2 and create AWS resource.
– Backtrack
Mar 25 at 18:53
I could execute the CFT in AWS console after switching to Account2. But from AWS cli i could not.
– Backtrack
Mar 25 at 18:54
2 accounts don't share the same IAM credentials. You need to create an IAM user in Account2 and generate credentials (AccessKey/SecretAccessKey) for it, then configure your AWS CLI as suggested.
– jweyrich
Mar 25 at 18:56
Logged in as: backtrack Account: 12345 Currently active as: backtrackDev Account: 67890 I do not have privileges to create iam user :(
– Backtrack
Mar 25 at 19:03
@Backtrack: updated the answer. Please, try the suggestion and let me know.
– jweyrich
Mar 25 at 19:13
|
show 1 more comment
But the problem is - both the Account1 and Account2 has the same credentials. What i do is, Login to Account 1 and click switch role and go to Account 2 and create AWS resource.
– Backtrack
Mar 25 at 18:53
I could execute the CFT in AWS console after switching to Account2. But from AWS cli i could not.
– Backtrack
Mar 25 at 18:54
2 accounts don't share the same IAM credentials. You need to create an IAM user in Account2 and generate credentials (AccessKey/SecretAccessKey) for it, then configure your AWS CLI as suggested.
– jweyrich
Mar 25 at 18:56
Logged in as: backtrack Account: 12345 Currently active as: backtrackDev Account: 67890 I do not have privileges to create iam user :(
– Backtrack
Mar 25 at 19:03
@Backtrack: updated the answer. Please, try the suggestion and let me know.
– jweyrich
Mar 25 at 19:13
But the problem is - both the Account1 and Account2 has the same credentials. What i do is, Login to Account 1 and click switch role and go to Account 2 and create AWS resource.
– Backtrack
Mar 25 at 18:53
But the problem is - both the Account1 and Account2 has the same credentials. What i do is, Login to Account 1 and click switch role and go to Account 2 and create AWS resource.
– Backtrack
Mar 25 at 18:53
I could execute the CFT in AWS console after switching to Account2. But from AWS cli i could not.
– Backtrack
Mar 25 at 18:54
I could execute the CFT in AWS console after switching to Account2. But from AWS cli i could not.
– Backtrack
Mar 25 at 18:54
2 accounts don't share the same IAM credentials. You need to create an IAM user in Account2 and generate credentials (AccessKey/SecretAccessKey) for it, then configure your AWS CLI as suggested.
– jweyrich
Mar 25 at 18:56
2 accounts don't share the same IAM credentials. You need to create an IAM user in Account2 and generate credentials (AccessKey/SecretAccessKey) for it, then configure your AWS CLI as suggested.
– jweyrich
Mar 25 at 18:56
Logged in as: backtrack Account: 12345 Currently active as: backtrackDev Account: 67890 I do not have privileges to create iam user :(
– Backtrack
Mar 25 at 19:03
Logged in as: backtrack Account: 12345 Currently active as: backtrackDev Account: 67890 I do not have privileges to create iam user :(
– Backtrack
Mar 25 at 19:03
@Backtrack: updated the answer. Please, try the suggestion and let me know.
– jweyrich
Mar 25 at 19:13
@Backtrack: updated the answer. Please, try the suggestion and let me know.
– jweyrich
Mar 25 at 19:13
|
show 1 more comment
Got a question that you can’t ask on public Stack Overflow? Learn more about sharing private information with Stack Overflow for Teams.
Got a question that you can’t ask on public Stack Overflow? Learn more about sharing private information with Stack Overflow for Teams.
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55344472%2faws-cloud-formation-create-env-using-account-id%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
