Installation Failure

[ezrawcdm]

I ran into this error in Amplify when installing for the first time:

Invalid request provided: You cannot configure or manage event data stores for an organization because you are not signed in with the management account

This is a multi-account organization and, per the instructions, I am not installing into the management account. I created a new account in the organization.

The organization has Control Tower enabled and they are enforced by a service control policy.

Could it be that the installation is failing due to the mandatory control disallowing changes to Cloudtrail configurations?

🛑 The following resources failed to deploy: 2024-04-03T21:04:45.282Z [INFO]: Resource Name: myEventDataStore (AWS::CloudTrail::EventDataStore) Event Type: create Reason: Resource handler returned message: "Invalid request provided: You cannot configure or manage event data stores for an organization because you are not signed in with the management account. Your account ID is 123456789. Make sure you are signed in using the management account, and then try again. (Service: CloudTrail, Status Code: 400, Request ID: 40871472-3ca5-4cab-86e7-c61cea04cdd2)" (RequestToken: 24ae893a-a2c7-6bc1-25ba-18102747e6ec, HandlerErrorCode: InvalidRequest)

Or is the issue "you are not signed in with the management account" meaning I need to signed in with the root user. We are using IAM Identity Center and when I ran the deploy script I logged with my SSO account.

[ezrawcdm]

I solved this by making the TEAM account a CloudTrail delegated administrator.