bloglike:2021-03
Differences
This shows you the differences between two versions of the page.
Last revisionBoth sides next revision | |||
bloglike:2021-03 [2021/03/24 04:18] – AWS Control Tower modifications - part1 stybla | bloglike:2021-03 [2021/03/24 07:50] – AWS Control Tower modifications - part2 stybla | ||
---|---|---|---|
Line 14: | Line 14: | ||
Change of tax(VAT) settings and payment method is a no-brainer. Login into Root account which was used to setup AWS Control Tower and you will find both in Billing console. Thanks to consolidated billing and '' | Change of tax(VAT) settings and payment method is a no-brainer. Login into Root account which was used to setup AWS Control Tower and you will find both in Billing console. Thanks to consolidated billing and '' | ||
- | Name and email of Organization propagate from Root account. Therefore, all you have to do is to change Account Name and email address in the Root account. Both can be found in Account Settings. | + | Name and email of Organization propagate from Root account. Therefore, all you have to do is to change |
- | At fist, I was in denial that email of AWS account can be changed. However, as it turned out [[https:// | + | At fist, I was in denial that email of AWS account can be changed. However, as it turned out [[https:// |
This presents problem for user's AWS accounts unless you the password, which you don't. You cannot get password reset link either, unless you have access to user's mailbox in question. I guess one way to work around this problem is to set AWS account email address to something you control and SSO user email to (the real) user's email. | This presents problem for user's AWS accounts unless you the password, which you don't. You cannot get password reset link either, unless you have access to user's mailbox in question. I guess one way to work around this problem is to set AWS account email address to something you control and SSO user email to (the real) user's email. | ||
- | It's possible to update Contact Information(company name, address and website) either through SSO or by logging directly into AWS account. | + | It's possible to update |
+ | Second biggest worry was how to replace domain name in SSO logins. It's possible to change user's email address, but not login name. In the end, it was fairly easy. First of all, I recommend you to change email addresses in AWS accounts and whatever is needed to be done there while you're at it. Then we can change SSO in this particular case. I believe there are at least two ways how to do it and the end result should be the same. Both of these require at least '' | ||
- | FIXME replace domain name in SSO logins | + | **NOTE** that I didn't take and test this way and I have discovered it only due to the fact I didn't know how else to change '' |
+ | Second way is to do it through '' | ||
- | --- // | + | It shouldn' |
+ | |||
+ | Also, you will have to, or at least I suggest you to do so, run AWS Control Tower repair in case you've changed email address of '' | ||
+ | |||
+ | And that should be all. I'm a bit unhappy that AWS account information cannot be changed through API or CloudFormation and the only way is to do it manually. On the other hand, I guess it sort of makes sense. | ||
+ | |||
+ | |||
+ | --- // | ||
bloglike/2021-03.txt · Last modified: 2021/03/28 04:33 by stybla