Summary

The website content discusses troubleshooting steps for resolving an issue where AWS CloudShell fails to start in a new account within an AWS Organizations account.

Abstract

The author has encountered an error preventing the AWS CloudShell from starting in a newly created 'Sandbox' account under their AWS Organization. Despite administrative permissions being granted to the 'SandBox Admin' user, the CloudShell environment fails to initialize, displaying a message to refresh the browser or restart CloudShell. The author has attempted multiple troubleshooting steps, including refreshing the page, changing regions, restarting CloudShell, and ensuring there are no Service Control Policies (SCPs) that would restrict CloudShell access. Other AWS services appear functional, and there are no relevant errors in CloudTrail or issues reported on the AWS Health dashboard. The author is unsure if the problem lies with their actions or if it's a limitation within AWS Organizations accounts and is seeking updates or solutions.

Opinions

The author suspects there might be an undiscovered issue with AWS CloudShell when used within an AWS Organizations account.
The author has diligently followed standard troubleshooting procedures without success, suggesting a potential bug or configuration limitation on AWS's side.
Despite the lack of immediate solutions, the author remains engaged with the problem and is open to advice or updates from the AWS community or AWS support.

Unable to start the environment. To retry, refresh the browser or restart by selecting Actions, Restart AWS CloudShell

Can’t open CloudShell in AWS Organizations Account

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

⚙️ Check out my series on Automating Cybersecurity Metrics | Code.

🔒 Related Stories: Bugs | AWS Security | Secure Code | CloudFormation

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I created a new account in my organization named Sandbox.

I created a user named SandBox Admin with full administrative permissions using the AWS administrator managed policy.

I click the CloudShell button and I get this:

Unable to start the environment. To retry, refresh the browser or restart by selecting Actions, Restart AWS CloudShell

I’ve tried:

Refreshing the page.
Changing regions.
Restarting CloudShell.
Closing my browser and restarting the browser.
Logging out and logging back in.
I double checked the permissions exist.
I currently have no SCPs related to CloudShell.
Other services seem to be working.
No errors or information in CloudTrail.
No issues on the AWS Health dashboard.

Not sure if I am just doing something wrong or this is not supposed to work in an AWS Organizations account.

Follow for updates.

About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab

Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation

Follow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab