Support Delegated Admin for Service Catalog

awslabs / landing-zone-accelerator-on-aws

Deploy a multi-account cloud foundation to support highly-regulated workloads and complex compliance requirements.

https://aws.amazon.com/solutions/implementations/landing-zone-accelerator-on-aws/

Apache License 2.0

515 stars 401 forks source link

Support Delegated Admin for Service Catalog #353

Open amgrecoamzn opened 7 months ago

amgrecoamzn commented 7 months ago

Is your feature request related to a problem? Please describe. Currently, an administrator cannot be delegated for AWS Service Catalog through LZA. Products/portfolios must be created in the management account. This does not meet the requirements of customers that want to deploy outside of the management account. This is only possible today via the console.

Describe the feature you'd like Allow delegated admin for Service Catalog in LZA.

bo1984 commented 7 months ago

Hi @amgrecoamzn, thank you for using the Landing Zone Accelerator on AWS (LZA) solution. As of right now, we have an open feature request for this. I will keep this issue open in the meantime as we evaluate it in our backlog and will provide updates as they're available. Please let us know if you have any questions or concerns in the meantime.

KittieHearts42 commented 5 months ago

Is there any updates on this? Running into a similar issue and we don't want the service catalog to only be in the OU group with their delegate permissions and not the management account.