-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
loads of errors when permission to view org is missing #51
Comments
committed change that should hopefully skip around these when you don't have access |
i see this now
perhaps i should explain, i am using AWS SSO and my permission set is the aws default admin role. so i do have access to IAM i am also still seeing the issue
|
what was the corresponding aws2tf.sh command you used ? skipping iam stuff can be by design - because when other resources are found the necessary iam is pulled in as a dependency If you still want ALL the iam stuff you can always do a subsequent: (committed another change to get more output on the skipping - as there's two reasons that can happen) |
corresponding command . just aws2tf with |
committed more changes to help track this down - also please run with debug on: ./aws2tf.sh -v yes -d yes This will help me track down the "Found Error: │ Error: listing AWS Organization (o-4oizb4q5g1) accounts:" as it will exit soon after the error occurs (-d yes) |
cmd: t= pre=* i= exclude=iam
loop through providers
. ../../scripts/type-get-transitgw.sh
aws --profile profile --region region --output json ec2 describe-transit-gateways --transit-gateway-ids yes --filters "Name=state,Values=available"
aws --profile profile --region region --output json ec2 describe-transit-gateways --transit-gateway-ids yes --filters "Name=state,Values=available" : You don't have access for this resource
Success! The configuration is valid.
type-get-transitgw.sh runtime 11 seconds
-------------------------------------------------------------------
. ../../scripts/010-get-organization.sh
aws --profile profile --region region --output json organizations describe-organization
aws_organizations_organization o-??? import
╷
│ Error: listing AWS Organization (o-???) accounts: AccessDeniedException: You don't have permissions to access this resource.
│
│
╵
aws_organizations_organization.o-???: Importing from ID "o-???"...
No state file was found!
State management commands require a state file. Run this command
in a directory where Terraform has been run or use the -state flag
to point the command to a specific state location.
Found Error: │ Error: listing AWS Organization (o-???) accounts: AccessDeniedException: You don't have permissions to access this resource.
debug flag is on so exiting .... |
there are loads of errors when i do not have permissions to view the org info
The text was updated successfully, but these errors were encountered: