Hi all,
My use-case is, I'm using an organization AWS account in which I have created a role and with that, I can list the S3 buckets using the doc https://support.atlassian.com/bitbucket-cloud/docs/deploy-on-aws-using-bitbucket-pipelines-openid-connect/
I have created another AWS TEST account under this organization AWS account. A role is created in the TEST account and trust relationship is given to organization(management) account from it. Also, the role in organization account is given STS full permission to assume the role in TEST account.
Now, I'm getting the following error with Bitbucket pipeline while trying to list the S3 bucket in the TEST account.
An error occurred (AccessDenied) when calling the ListObjectsV2 operation:
Is this possible with bitbucket OIDC to assume a role in TEST account by the role in organization(management) account via STS?
I only want to create role in organization(management) account and use STS assume roles to access resources in other accounts under the organisation. So authorization usng OIDC only happens in AWs management account.