EnableOrganizationAdminAccount - Amazon Detective

EnableOrganizationAdminAccount

Designates the Detective administrator account for the organization in the current Region.

If the account does not have Detective enabled, then enables Detective for that account and creates a new behavior graph.

Can only be called by the organization management account.

If the organization has a delegated administrator account in Organizations, then the Detective administrator account must be either the delegated administrator account or the organization management account.

If the organization does not have a delegated administrator account in Organizations, then you can choose any account in the organization. If you choose an account other than the organization management account, Detective calls Organizations to make that account the delegated administrator account for Detective. The organization management account cannot be the delegated administrator account.

Request Syntax

POST /orgs/enableAdminAccount HTTP/1.1 Content-type: application/json { "AccountId": "string" }

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

AccountId

The AWS account identifier of the account to designate as the Detective administrator account for the organization.

Type: String

Length Constraints: Fixed length of 12.

Pattern: ^[0-9]+$

Required: Yes

Response Syntax

HTTP/1.1 200

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServerException

The request was valid but failed because of a problem with the service.

HTTP Status Code: 500

TooManyRequestsException

The request cannot be completed because too many other requests are occurring at the same time.

HTTP Status Code: 429

ValidationException

The request parameters are invalid.

HTTP Status Code: 400

Examples

Example

This example illustrates one usage of EnableOrganizationAdminAccount.

Sample Request

POST /orgs/enableAdminAccount HTTP/1.1 Host: api.detective.us-west-2.amazonaws.com Accept-Encoding: identity Content-Length: 28 Authorization: AUTHPARAMS X-Amz-Date: 20210923T193018Z User-Agent: aws-cli/1.14.29 Python/2.7.9 Windows/8 botocore/1.8.33 { "AccountId": "111122223333" }

Example

This example illustrates one usage of EnableOrganizationAdminAccount.

Sample Response

HTTP/1.1 200 OK Content-Length: 0 Date: Thu, 23 Sep 2021 23:07:46 GMT x-amzn-RequestId: 397d0549-0092-11e8-a0ee-a7f9aa6e7572 Connection: Keep-alive

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: