Register a delegated administrator - AWS License Manager

Register a delegated administrator

You can delegate a member account from your organization to perform administrative tasks, such as sharing license configurations with other member accounts, performing cross-account resource discovery, and distributing managed entitlements to other member accounts. Only member accounts that are part of your AWS Organizations can be registered as a delegated administrator. For more information about joining an organization, see Inviting an AWS account to join your organization.

Your can register one delegated administrator per organization. Before you register a delegated administrator, you must enable trusted access with AWS Organizations. For more information, see Enable trusted access with AWS Organizations.

Important

Once registered, the delegated administrator has visibility into EC2 instances owned by accounts in your organization.

The following AWS Regions support License Manager delegated administrators:

  • US East (Ohio)

  • US East (N. Virginia)

  • US West (N. California)

  • US West (Oregon)

  • Asia Pacific (Mumbai)

  • Asia Pacific (Seoul)

  • Asia Pacific (Singapore)

  • Asia Pacific (Sydney)

  • Asia Pacific (Tokyo)

  • Asia Pacific (Hong Kong)

  • Middle East (Bahrain)

  • Canada (Central)

  • Europe (Frankfurt)

  • Europe (Ireland)

  • Europe (London)

  • Europe (Paris)

  • Europe (Stockholm)

  • Europe (Milan)

  • Africa (Cape Town)

  • South America (São Paulo)

  • AWS GovCloud (US-East)

  • AWS GovCloud (US-West)

You can register and deregister delegated administrators using the AWS License Manager console, AWS CLI, or AWS SDKs.

Register a delegated administrator (console)

To register a delegated administrator using the AWS License Manager console, perform the following steps:

  1. Sign in to AWS as the administrator of the management account.

  2. Open the License Manager console at https://console.aws.amazon.com/license-manager/.

  3. Choose Settings from the left navigation pane.

  4. Under Delegated administrators, choose Delegate administrator.

  5. To register a delegated administrator, enter the account ID and select Delegate.

  6. A message indicates that the specified account has been successfully registered as a delegated administrator.

Deregister a delegated administrator (console)

To deregister a delegated administrator using the AWS License Manager console, perform the following steps:

  1. Sign in to AWS as the administrator of the management account.

  2. Open the License Manager console at https://console.aws.amazon.com/license-manager/.

  3. Choose Settings from the left navigation pane.

  4. Under Delegated adminstrators, choose Remove.

  5. Verify successful deregistering of delegated administrator by choosing Remove again.

Register a delegated administrator (AWS CLI)

To register a delegated administrator using the AWS CLI, perform the following steps:

  1. From the command line, run the following AWS CLI command:

    aws organizations register-delegated-administrator --service-principal=license-manager.amazonaws.com --account-id=<account-id>
  2. Run the following command to verify that the specified account is successfully registered as the delegated administrator:

    aws organizations list-delegated-administrators --service-principal=license-manager.amazonaws.com

Deregister a delegated administrator (AWS CLI)

To deregister a delegated administrator using the AWS CLI, perform the following steps:

  1. From the command line, run the following AWS CLI command:

    aws organizations deregister-delegated-administrator --service-principal=license-manager.amazonaws.com --account-id=<account-id>
  2. Run the following command to verify that the specified account is successfully deregistered as the delegated administrator:

    aws organizations list-delegated-administrators --service-principal=license-manager.amazonaws.com

You can register a deregistered account again at any time.