Problem
CreateEnvironmentProfile requires the calling principal to be a DataZone project member via Identity Center. DataZone uses its own authorization model separate from IAM.
Current state
- Script creates domain and projects successfully
- Fails at CreateEnvironmentProfile with AccessDeniedException
--managed flag fix applied for blueprint listing
Steps to resolve
- Configure DataZone domain to use Identity Center for user management
- Map an IC user as a DataZone project owner
- Run the script as that IC user
- Test end-to-end
- Add back to the non-interactive PR
Problem
CreateEnvironmentProfile requires the calling principal to be a DataZone project member via Identity Center. DataZone uses its own authorization model separate from IAM.
Current state
--managedflag fix applied for blueprint listingSteps to resolve