0
votes

I have an AWS account created under an Organization, say account ID 12345. It is a parent account. Now I have a new role created, say account ID 67890. I have switched my role from the parent account to the new one. But when I execute the CloudFormation template from the AWS CLI, it still tries to create the env in my parent account (i.e., 12345) instead of the new account.

My question is: how can I execute/create the env using a CFT from the AWS CLI in my new account (i.e., 67890)? Or is there a way to specify the account ID in which the env should be created?


1 Answer

2
votes

You most likely forgot to configure your AWS CLI to use credentials from the linked account. You may create a new profile and specify it when you run the CLI command. Example:

aws configure --profile=account2
aws --profile=account2 cloudformation create-stack ...

If you are unable to set up an IAM credential on Account2, you may try to set up the CLI to use the cross-account role you already have. You'll need to manually add the following block to your ~/.aws/config file:

[profile account2]
role_arn = arn:aws:iam::123456789012:role/account2role
source_profile = account1

Replace 123456789012 and account2role with their corresponding values.
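A pre-flight check for the situation in the question, as an added example that is not part of the original answer: it asks STS which account a profile's credentials resolve to and refuses to create the stack if that is not the intended one. The function names `resolved_account` and `create_stack_in_account` are hypothetical; the `aws` subcommands and options used are the standard CLI ones.

```shell
# Print the account ID that the credentials behind a profile resolve to.
# For a profile with role_arn/source_profile this is the account of the
# assumed role, not the account of the source credentials.
resolved_account() {
    aws sts get-caller-identity --profile "$1" --query Account --output text
}

# Usage: create_stack_in_account PROFILE EXPECTED_ACCOUNT_ID [create-stack args...]
# Returns 2 if the profile's credentials cannot be resolved,
#         1 if they resolve to a different account than expected,
#         otherwise the exit status of `aws cloudformation create-stack`.
create_stack_in_account() {
    csa_profile=$1
    csa_expected=$2
    shift 2

    if ! csa_actual=$(resolved_account "$csa_profile"); then
        echo "cannot resolve credentials for profile '$csa_profile'" >&2
        return 2
    fi

    if [ "$csa_actual" != "$csa_expected" ]; then
        echo "profile '$csa_profile' is account $csa_actual, expected $csa_expected; not deploying" >&2
        return 1
    fi

    # Remaining arguments (--stack-name, --template-body, ...) pass through unchanged.
    aws cloudformation create-stack --profile "$csa_profile" "$@"
}
```

Call it as `create_stack_in_account account2 <target-account-id> --stack-name ...`, with the same arguments you would otherwise give to `create-stack`.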