AWS ECS deployment Error using Cross AccountAWS RDS CLI: AccessDenied on CreateDBSnapshotUnable to install tomcat using aws cloud formation scriptsDocker project on AWS ECSCannotPullContainerError on AWS ECSaws ec2 describe-instances not allowed in user-data?Autoscaling AWS ECS services with soft limitsECR cross-account pull permissionsAWS ECS: Service + autoscaling vs User Data launching TaskError creating new cluster in AWS with ecs-cliAWS ECS Continuous Deployment issue with CodePipeline

Multi tool use
Multi tool use

Did Karl Marx ever use any example that involved cotton and dollars to illustrate the way capital and surplus value were generated?

How are the Zhentarim and Black Fist related?

How do I set an alias to a terminal line?

Can any NP-Complete Problem be solved using at most polynomial space (but while using exponential time?)

I am completely new to Tales from the Floating Vagabond, how do I get started?

What is this tool/thing in an Aztec painting?

expiry or manufactured date?

Find the diameter of a word graph

How risky is real estate?

Swapping rooks in a 4x4 board

Should I prioritize my 401(k) over my student loans?

Are all instances of trolls turning to stone ultimately references back to Tolkien?

What is the origin of Scooby-Doo's name?

Wifi dongle speed is slower than advertised

Why doesn't a marching band have strings?

Hand soldering SMD 1206 components

Interaction between Leyline of Anticipation and Teferi, Time Raveler

Archery in modern conflicts

What is the legal status of travelling with methadone in your carry-on?

Is using weak login credentials always bad?

If you snatch, I trade

What does "play with your toy’s toys" mean?

Is a single radon-daughter atom in air a solid?

Where can I find a database of galactic spectra?



AWS ECS deployment Error using Cross Account


AWS RDS CLI: AccessDenied on CreateDBSnapshotUnable to install tomcat using aws cloud formation scriptsDocker project on AWS ECSCannotPullContainerError on AWS ECSaws ec2 describe-instances not allowed in user-data?Autoscaling AWS ECS services with soft limitsECR cross-account pull permissionsAWS ECS: Service + autoscaling vs User Data launching TaskError creating new cluster in AWS with ecs-cliAWS ECS Continuous Deployment issue with CodePipeline






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








1















I created a jenkins job runing inside account A that connects using cross accounts IAM roles to account B, where we have a ECS cluster.
I manageg to build and upload the docker images from account A jenkins to account B, but when I use:



aws ecs update-service --cluster arn:aws:ecs:eu-west-1:Account_B_ID:cluster/Cluster --service cluster-service --force-new-deployment --region eu-west-1


I was promted by an error:



An error occurred (InvalidParameterException) when calling the UpdateService operation: Identifier is for AccountID_B. Your accountId is AccountID_A


I have checked the Update-Service documentation, but i don't find any mistake and I cant found anything more regarding this issue anywhere.



Do you know where/how is the correct way of ECS cross account deployment?



Thanks for your time and help!






amazon-web-services aws-cli amazon-ecs







share|improve this question
























  • Jenkins runs the aws ecs update-service command, right?

    – Dominik
    Jun 6 at 17:13











  • Yes, it's that way

    – Gotttlieb
    Jun 6 at 22:50

















1















I created a jenkins job runing inside account A that connects using cross accounts IAM roles to account B, where we have a ECS cluster.
I manageg to build and upload the docker images from account A jenkins to account B, but when I use:



aws ecs update-service --cluster arn:aws:ecs:eu-west-1:Account_B_ID:cluster/Cluster --service cluster-service --force-new-deployment --region eu-west-1


I was promted by an error:



An error occurred (InvalidParameterException) when calling the UpdateService operation: Identifier is for AccountID_B. Your accountId is AccountID_A


I have checked the Update-Service documentation, but i don't find any mistake and I cant found anything more regarding this issue anywhere.



Do you know where/how is the correct way of ECS cross account deployment?



Thanks for your time and help!






amazon-web-services aws-cli amazon-ecs







share|improve this question
























  • Jenkins runs the aws ecs update-service command, right?

    – Dominik
    Jun 6 at 17:13











  • Yes, it's that way

    – Gotttlieb
    Jun 6 at 22:50













1












1








1








I created a jenkins job runing inside account A that connects using cross accounts IAM roles to account B, where we have a ECS cluster.
I manageg to build and upload the docker images from account A jenkins to account B, but when I use:



aws ecs update-service --cluster arn:aws:ecs:eu-west-1:Account_B_ID:cluster/Cluster --service cluster-service --force-new-deployment --region eu-west-1


I was promted by an error:



An error occurred (InvalidParameterException) when calling the UpdateService operation: Identifier is for AccountID_B. Your accountId is AccountID_A


I have checked the Update-Service documentation, but i don't find any mistake and I cant found anything more regarding this issue anywhere.



Do you know where/how is the correct way of ECS cross account deployment?



Thanks for your time and help!






amazon-web-services aws-cli amazon-ecs







share|improve this question
















I created a jenkins job runing inside account A that connects using cross accounts IAM roles to account B, where we have a ECS cluster.
I manageg to build and upload the docker images from account A jenkins to account B, but when I use:



aws ecs update-service --cluster arn:aws:ecs:eu-west-1:Account_B_ID:cluster/Cluster --service cluster-service --force-new-deployment --region eu-west-1


I was promted by an error:



An error occurred (InvalidParameterException) when calling the UpdateService operation: Identifier is for AccountID_B. Your accountId is AccountID_A


I have checked the Update-Service documentation, but i don't find any mistake and I cant found anything more regarding this issue anywhere.



Do you know where/how is the correct way of ECS cross account deployment?



Thanks for your time and help!






amazon-web-services aws-cli amazon-ecs




amazon-web-services aws-cli amazon-ecs






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jun 6 at 17:10







Gotttlieb

















asked Jun 6 at 16:54









GotttliebGotttlieb

104 bronze badges




104 bronze badges












  • Jenkins runs the aws ecs update-service command, right?

    – Dominik
    Jun 6 at 17:13











  • Yes, it's that way

    – Gotttlieb
    Jun 6 at 22:50

















  • Jenkins runs the aws ecs update-service command, right?

    – Dominik
    Jun 6 at 17:13











  • Yes, it's that way

    – Gotttlieb
    Jun 6 at 22:50
















Jenkins runs the aws ecs update-service command, right?

– Dominik
Jun 6 at 17:13





Jenkins runs the aws ecs update-service command, right?

– Dominik
Jun 6 at 17:13













Yes, it's that way

– Gotttlieb
Jun 6 at 22:50





Yes, it's that way

– Gotttlieb
Jun 6 at 22:50










1 Answer
1






active

oldest

votes


















2














Run the command with a CLI --profile which assumes the IAM role on account-B:



aws ecs update-service --profile account-B_roleName



In ~/.aws/config:



[profile account-B_roleName]
role_arn = arn:aws:iam::808449698514:role/PowerUser


You can only apply a command on a resource in an account with an (assumed) role or user which is defined in that account.






share|improve this answer























  • Thanks so much!; I have to admit that I already used the "--profile" in other commands, but I didn't notice it here. And seems strange to me that anywhere was this explained as clear as you explained it here. THanks!

    – Gotttlieb
    Jun 6 at 23:03













Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f970414%2faws-ecs-deployment-error-using-cross-account%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









2














Run the command with a CLI --profile which assumes the IAM role on account-B:



aws ecs update-service --profile account-B_roleName



In ~/.aws/config:



[profile account-B_roleName]
role_arn = arn:aws:iam::808449698514:role/PowerUser


You can only apply a command on a resource in an account with an (assumed) role or user which is defined in that account.






share|improve this answer























  • Thanks so much!; I have to admit that I already used the "--profile" in other commands, but I didn't notice it here. And seems strange to me that anywhere was this explained as clear as you explained it here. THanks!

    – Gotttlieb
    Jun 6 at 23:03















2














Run the command with a CLI --profile which assumes the IAM role on account-B:



aws ecs update-service --profile account-B_roleName



In ~/.aws/config:



[profile account-B_roleName]
role_arn = arn:aws:iam::808449698514:role/PowerUser


You can only apply a command on a resource in an account with an (assumed) role or user which is defined in that account.






share|improve this answer























  • Thanks so much!; I have to admit that I already used the "--profile" in other commands, but I didn't notice it here. And seems strange to me that anywhere was this explained as clear as you explained it here. THanks!

    – Gotttlieb
    Jun 6 at 23:03













2












2








2







Run the command with a CLI --profile which assumes the IAM role on account-B:



aws ecs update-service --profile account-B_roleName



In ~/.aws/config:



[profile account-B_roleName]
role_arn = arn:aws:iam::808449698514:role/PowerUser


You can only apply a command on a resource in an account with an (assumed) role or user which is defined in that account.






share|improve this answer













Run the command with a CLI --profile which assumes the IAM role on account-B:



aws ecs update-service --profile account-B_roleName



In ~/.aws/config:



[profile account-B_roleName]
role_arn = arn:aws:iam::808449698514:role/PowerUser


You can only apply a command on a resource in an account with an (assumed) role or user which is defined in that account.







share|improve this answer












share|improve this answer



share|improve this answer










answered Jun 6 at 17:26









DominikDominik

1364 bronze badges




1364 bronze badges












  • Thanks so much!; I have to admit that I already used the "--profile" in other commands, but I didn't notice it here. And seems strange to me that anywhere was this explained as clear as you explained it here. THanks!

    – Gotttlieb
    Jun 6 at 23:03

















  • Thanks so much!; I have to admit that I already used the "--profile" in other commands, but I didn't notice it here. And seems strange to me that anywhere was this explained as clear as you explained it here. THanks!

    – Gotttlieb
    Jun 6 at 23:03
















Thanks so much!; I have to admit that I already used the "--profile" in other commands, but I didn't notice it here. And seems strange to me that anywhere was this explained as clear as you explained it here. THanks!

– Gotttlieb
Jun 6 at 23:03





Thanks so much!; I have to admit that I already used the "--profile" in other commands, but I didn't notice it here. And seems strange to me that anywhere was this explained as clear as you explained it here. THanks!

– Gotttlieb
Jun 6 at 23:03

















draft saved

draft discarded
















































Thanks for contributing an answer to Server Fault!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f970414%2faws-ecs-deployment-error-using-cross-account%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







SKIm9,Ge,gV7L3i3g,btedU,Vm8gDBgblbmsIWnWPPTGFWx,A
-
sPYli1YS7h637dk5A,wkSacJdhEdqeIuSVHpIux4gpNPxZ7vZ3xRga yD1K4a0QrLNboq5QJdQiE1X,n1zZ z3epf

Popular posts from this blog

RemoteApp sporadic failureWindows 2008 RemoteAPP client disconnects within a matter of minutesWhat is the minimum version of RDP supported by Server 2012 RDS?How to configure a Remoteapp server to increase stabilityMicrosoft RemoteApp Active SessionRDWeb TS connection broken for some users post RemoteApp certificate changeRemote Desktop Licensing, RemoteAPPRDS 2012 R2 some users are not able to logon after changed date and time on Connection BrokersWhat happens during Remote Desktop logon, and is there any logging?After installing RDS on WinServer 2016 I still can only connect with two users?RD Connection via RDGW to Session host is not connecting

Image
Can I use my laptop, which says 100-240V, in the USA? Definition of Newton's first law Why did the ICC decide not to probe alleged US atrocities in Afghanistan? Is there ever any indication in the MCU as to how Spider-Man got his powers? Should pressure only be applied at the top of a pastry bag? How did Thanos not realise this had happened at the end of Endgame? On studying Computer Science vs. Software Engineering to become a proficient coder Why does the Earth follow an elliptical trajectory rather than a parabolic one? What's the word for the soldier salute? Why not just directly invest in the holdings of an ETF? Can a tourist shoot a gun in the USA? Why in a Ethernet LAN, a packet sniffer can obtain all packets sent over the LAN? What is Plautus’s pun about frustum and frustrum? Extrude the faces of a cube symmetrically along XYZ Why does my circuit work on a breadboard, but not on a perfboard? I am new to soldering How do I tell my supervisor...
Read more

Vilaño, A Laracha Índice Patrimonio | Lugares e parroquias | Véxase tamén | Menú de navegación43°14′52″N 8°36′03″O / 43.24775, -8.60070

Image
Parroquias da LarachaParroquias de Galicia baixo a advocación de Santiago o Maior coruñésLarachacomarca de BergantiñosIGE20131999castro de Montesclarospoboado castrexoidade de ferroromanización de Galiciamiliariopazo de Montesclarosséculo XIXAmboadeA AreosaA BarreiraBos AiresA BoticaAs Brañas da ViñaAs BrañasBusteloOs CanedosFerreirosAs FervenzasA Fonte da CanleO FormigueiroFornelosA FragaFragundeGravidoA LamelaMarfuloOs MeánsMontes ClarosA PanelaO PazoQuintánsRibelaSamiroO SeixoA TelleiraVilañoVilanovaA ViñaVista AlegreCabovilaño (San Román)Caión (Santa María do Socorro)Coiro (San Xián)Erboedo (Santa María)Golmar (San Bieito)Lemaio (Santa Mariña)Lendo (San Xián)Lestón (San Martiño)Montemaior (Santa María Madanela)Soandres (San Pedro)Soutullo (Santa María)Torás (Santa María)Vilaño (Santiago) Vilaño, A Laracha Na Galipedia, a Wi...
Read more

Cegueira Índice Epidemioloxía | Deficiencia visual | Tipos de cegueira | Principais causas de cegueira | Tratamento | Técnicas de adaptación e axudas | Vida dos cegos | Primeiros auxilios | Crenzas respecto das persoas cegas | Crenzas das persoas cegas | O neno deficiente visual | Aspectos psicolóxicos da cegueira | Notas | Véxase tamén | Menú de navegación54.054.154.436928256blindnessDicionario da Real Academia GalegaPortal das Palabras"International Standards: Visual Standards — Aspects and Ranges of Vision Loss with Emphasis on Population Surveys.""Visual impairment and blindness""Presentan un plan para previr a cegueira"o orixinalACCDV Associació Catalana de Cecs i Disminuïts Visuals - PMFTrachoma"Effect of gene therapy on visual function in Leber's congenital amaurosis"1844137110.1056/NEJMoa0802268Cans guía - os mellores amigos dos cegosArquivadoEscola de cans guía para cegos en Mortágua, PortugalArquivado"Tecnología para ciegos y deficientes visuales. Recopilación de recursos gratuitos en la Red""Colorino""‘COL.diesis’, escuchar los sonidos del color""COL.diesis: Transforming Colour into Melody and Implementing the Result in a Colour Sensor Device"o orixinal"Sistema de desarrollo de sinestesia color-sonido para invidentes utilizando un protocolo de audio""Enseñanza táctil - geometría y color. Juegos didácticos para niños ciegos y videntes""Sistema Constanz"L'ocupació laboral dels cecs a l'Estat espanyol està pràcticament equiparada a la de les persones amb visió, entrevista amb Pedro ZuritaONCE (Organización Nacional de Cegos de España)Prevención da cegueiraDescrición de deficiencias visuais (Disc@pnet)Braillín, un boneco atractivo para calquera neno, con ou sen discapacidade, que permite familiarizarse co sistema de escritura e lectura brailleAxudas Técnicas36838ID00897494007150-90057129528256DOID:1432HP:0000618D001766C10.597.751.941.162C97109C0155020

Image
OftalmoloxíaDiscapacidade sentidovistaNorteaméricaEuropaollopaíses en vías de desenvolvementopaíses desenvolvidos2014Organización Mundial da SaúdeGaliciaretinopatía diabéticaglaucomaresto visualagudeza visualcampo visualterapia xénicaretinavirus do arrefriado comúncanadestradoséculo XIXLouis Brailleteclado brailleescáneresrecoñecemento óptico de caractereslectores de pantallacorsinestesiafrauta doceamareloclarineteazultamboresvermellopianoverdeSistema Constanzsemáforocans guíaBrailletactosoftwaretactoeuroAvuiséculo XXUnión SoviéticaFranciaItaliaInglaterraNataciónatletismociclismojudoesquífútbol salamontañismoxadrezgoalballsociedademúsicosindixentesprofetassabiosoídotactomúsicarisatactooídolinguaxePiaget (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u0...
Read more