Olaf Conijn

Thanks @rob3c I agree this is something will need more looking into. Thanks for bumping it up the list

To use this stack with **an existing AWS Organization** (be it an existing sandbox org or otherwise), you should be able to get started by running either the `org-formation init`...

do you have a specific errorcode/response? i have already added a couple... the specific error you get might depend on the order of tasks in your specific project.

great, thanks! will fix/look into this soon. also: My understanding is that retrying the build is a workaround. is this correct?

looks like a bit of a mixed bag..... i have seen all sorts of different reasons that running perform-tasks after adding an account fails. including things that have been org-formation...

hi @dobeerman i think your issue is somewhat different. looking at the logs your issue seems to be that accounts `123123123123`, `456456456456`, `321321321321` (etc) do not have the role `OrganizationAccountAccessRole`...

interesting @zaro0508, thanks for sharing. will look into this

hi @mbarneyjr Would be happy to document what the pipeline needs. indeed! The pipeline role is also used to deploy resources to the master account (for other accounts this is...

I @mbarneyjr, others, The best way to think about the IAM policies is in relation to command. The permissions needed for the perform-tasks command are most interesting (and most complex)....

i know this sounds a bit non-sensical, but if you change that to: ``` yaml Targets: - TargetType: AWS_ACCOUNT TargetIds: - Fn::EnumTargetAccounts TargetBinding ${account} ``` This will add the single...