search

aws-cloudformation / cloudformation-coverage-roadmap

The AWS CloudFormation Public Coverage Roadmap
https://aws.amazon.com/cloudformation/
Creative Commons Attribution Share Alike 4.0 International
1.1k stars 53 forks source link

AWS::SSO::Assignment #660

Open ghost opened 3 years ago

ghost commented 3 years ago

  1. Title Create AWS::SSO::Assignment

  2. Scope of request It is possible to assign AWS SSO permission sets via CloudFormation to accounts.

However is you assign multiple permissionsets in parallel to (>10) accounts it fails. If you assign them in smaller batches it works. It seems there is some throttling occurring on one of the API calls related to CloudFormation and the SSO service.

  1. Expected behavior Ability to assign a permissionset to 10 accounts or more via Cloudformation, without the use of DependsOn to serialize.

  2. Suggest specific test cases Assign mulitple permissionsets, each to at least 10 accounts

  3. Helpful Links to speed up research and evaluation https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_SSO.html https://docs.aws.amazon.com/singlesignon/latest/userguide/permissionsetsconcept.html

  4. Category Security

vignesh2004 commented 1 year ago

Is there a recommended work-around to the 20 concurrency limit at the moment?

TheDanBlanco commented 10 months ago

this now exists

TheDanBlanco commented 10 months ago

ah, as pointed out, this is more about concurrency. reopening. my mistake.