Scope of request
It is possible to assign AWS SSO permission sets via CloudFormation to accounts.
However is you assign multiple permissionsets in parallel to (>10) accounts it fails.
If you assign them in smaller batches it works.
It seems there is some throttling occurring on one of the API calls related to CloudFormation and the SSO service.
Expected behavior
Ability to assign a permissionset to 10 accounts or more via Cloudformation, without the use of DependsOn to serialize.
Suggest specific test cases
Assign mulitple permissionsets, each to at least 10 accounts
Title Create AWS::SSO::Assignment
Scope of request It is possible to assign AWS SSO permission sets via CloudFormation to accounts.
However is you assign multiple permissionsets in parallel to (>10) accounts it fails. If you assign them in smaller batches it works. It seems there is some throttling occurring on one of the API calls related to CloudFormation and the SSO service.
Expected behavior Ability to assign a permissionset to 10 accounts or more via Cloudformation, without the use of
DependsOn
to serialize.Suggest specific test cases Assign mulitple permissionsets, each to at least 10 accounts
Helpful Links to speed up research and evaluation https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_SSO.html https://docs.aws.amazon.com/singlesignon/latest/userguide/permissionsetsconcept.html
Category Security