Enabling a delegated admin account for AWS Account Management
A delegated admin account can call the AWS Account Management API operations for other member accounts in the organization. To designate a member account in your organization as a delegated admin account, use the following procedure.
Minimum permissions
To perform these tasks, you must meet the following requirements:
-
You can perform this only from the organization's management account.
-
Your organization must have all features enabled.
-
You must have enabled trusted access for Account Management in your organization.
After you specify a delegated admin account for your organization, users and roles in that
account can call the AWS CLI and AWS SDK operations in the account
namespace
that can work in the Organizations mode by supporting an optional AccountId
parameter.