如何删除无法从 AWS 组织访问的成员账户?
[英]How Can I Remove A Member Account that I Cannot Access from an AWS Organization?
问题描述
Context
语境
I'm creating a new Organization in AWS to learn about how they function.我正在 AWS 中创建一个新组织以了解它们的运作方式。 This isn't for an organization as I'd need more units to set this up.这不适用于组织,因为我需要更多单位来设置它。 The goal is a simple setup for a small company that would want staging and production accounts to isolate infrastructure.目标是为希望登台和生产帐户隔离基础设施的小公司进行简单设置。
For this, I have a master account and I've added two other accounts - staging and production which are attached to staging and production organizational units respectively.为此,我有一个主帐户,并添加了另外两个帐户 - 暂存和生产,它们分别附加到暂存和生产组织单位。
The email attached to the master account is master@domain.com and the production account is master+production@domain.com while the staging is master+staging@domain.com.附加到主帐户的电子邮件是 master@domain.com,生产帐户是 master+production@domain.com,而暂存帐户是 master+staging@domain.com。
I've read: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html and it seems that you cannot which is unfortunate but I was hoping there is some way around that.我读过: https : //docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html似乎你不能,这很不幸,但我希望有办法解决这个问题。
Account Structure:账户结构:
root
-> app
-> staging (master+staging@domain.com)
-> production (master+production@domain.com)
Problems问题
I've run into several issues:我遇到了几个问题:
I cannot sign in because the provided email goes to my master account and AWS assumes I'm the root account.
我无法登录,因为提供的电子邮件发送到我的主账户并且 AWS 假定我是根账户。I cannot rename the account and cannot find documentation into how to.
我无法重命名帐户,也找不到有关如何重命名的文档。I cannot delete the account because it doesn't have billing information associated with it.
我无法删除该帐户,因为它没有与之关联的帐单信息。I cannot delete the organization to start over because you must remove all accounts first.
我无法删除组织以重新开始,因为您必须先删除所有帐户。
Questions问题
Any ideas on how to get out of this?
关于如何摆脱这种情况的任何想法?How can I setup a simple production |
我如何设置一个简单的生产 | staging with an account for each?为每个帐户登台?
I just want a simple setup of prod and staging that I can use to setup apps on for experimenting with infrastructure more.我只想要一个简单的 prod 和 staging 设置,我可以用它来设置应用程序,以便更多地试验基础设施。
1 个解决方案
解决方案1
0 2020-10-31 02:33:27
To log into your member accounts from your master account, see this link: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_access-cross-account-role要从您的主账户登录您的成员账户,请参阅此链接: https : //docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_access-cross-account-role
When you create an AWS Org member account, you don't see the root user account.创建 AWS 组织成员账户时,您看不到根用户账户。 However, you need it to remove the account.但是,您需要它来删除帐户。 Use the member account email to initiate a root user login and then use the "Forgot Password" process to reset the root user password.使用会员账号邮箱发起root用户登录,然后使用“忘记密码”流程重置root用户密码。 Then, login as root and add the info necessary to get rid of the account.然后,以 root 身份登录并添加删除帐户所需的信息。
Even then you'll have problems, but ... you'll be closer to your goal.即使那样你也会遇到问题,但是......你会更接近你的目标。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.