Document history for AWS Organizations
The following table describes major documentation updates for AWS Organizations.
-
API version: 2016-11-28
| Change | Description | Date |
|---|---|---|
Added new | February 6, 2024 | |
Added links to considerations and detailed steps that walk through how to close a management account. | February 1, 2024 | |
Added new information to the best practices section to help align with IAM best practices. | June 12, 2023 | |
Updated the AWSOrganizationsFullAccess and AWSOrganizationsReadOnlyAccess managed policies | Both managed policies were updated to enable write or read access to contacts for accounts. | October 21, 2022 |
The managed policy was updated to allow creating an organization by adding the permission required to create the service linked role needed by a new organization. | August 24, 2022 | |
Organizations close account capability from the AWS Organizations console | Principals in the management account can close member accounts from the AWS Organizations console, and protect member accounts from accidental closure by using IAM policies. | March 29, 2022 |
Updated announcement to update alternate contacts with AWS Organizations console | Organizations now provides ability to update alternate contacts for accounts within your organization using the AWS Organizations console. Announce new capability and points to Account Management Reference for instructions. | February 8, 2022 |
Organizations managed policy updates - Update to an existing policy | Updated the AWSOrganizationsFullAccess and AWSOrganizationsReadOnlyAccess managed policies to allow account API permissions required to update or view account alternate contacts via the AWS Organizations console. | February 7, 2022 |
You can integrate Amazon DevOps Guru with AWS Organizations to monitor application health holistically across all of your organization accounts and gain insights. | January 3, 2022 | |
You can integrate Amazon Detective with AWS Organizations to ensure that your Detective behavior graph provides visibility into the activity for all of your organization accounts. | December 16, 2021 | |
Organizations integration with AWS Config now supports multi-account multi-region data aggregation. | You can use a delegated administrator account to aggregate resource configuration and compliance data from all of the member accounts your organization. For more information, see Multi-account multi-region data aggregationin the AWS Config Developer Guide. | June 16, 2021 |
You can now designate a member account in your organization to be the Firewall Manager administrator for the entire organization. This allows for better separation of permissions from the organization's management account. | April 30, 2021 | |
You can use the AWS Backup continuous backups feature with your organization's backup policies. | March 10, 2021 | |
You can now designate a member account in your organization to be the AWS CloudFormation StackSets administrator for the entire organization. This allows for better separation of permissions from the organization's management account. | February 18, 2021 | |
AWS updated the process to enable all features in an organization. You can now continue to invite new accounts to join your organization while you wait for existing accounts to respond to their invitations. | February 3, 2021 | |
Introduces version 2.0 of the AWS Organizations console | AWS introduced a new version of the AWS console. All of the documentation has been updated to reflect the new way of performing tasks. | January 21, 2021 |
You can now enable AWS Marketplace to more easily share your software licenses across all of the accounts in your organization. | December 3, 2020 | |
Amazon S3 Lens supports both trusted access and delegated administrator with Organizations. For details, see Amazon S3 Storage Lens in the Amazon Simple Storage Service User Guide. | November 18, 2020 | |
When you use backup policies to backup the resources in your organization, you can now store copies of your backup in other AWS accounts in the organization. | November 18, 2020 | |
AWS Regions in China now support AWS Resource Access Manager as an Organizations trusted service | You can now use AWS RAM features that integrate with Organizations as a trusted service when you use Organizations and AWS RAM in China. | November 18, 2020 |
Organizations now supports integration with AWS Security Hub | You can enable Security Hub across all of the accounts in your organization, and designate one of your organization's member accounts as the delegated administrator account for Security Hub. | November 12, 2020 |
Renamed the master account | AWS Organizations changed the name of the “master account” to “management account”. This is a name change only, and there is no change in functionality. | October 20, 2020 |
Added a new section for best practices for AWS Organizations. The new section includes topics that discuss best practices for the management account and member account root users and password management. | October 6, 2020 | |
There is a new section for topics that describe best practices for AWS Organizations. This update includes a topic for best practices for an organization's management account and a topic for best practices for member accounts. | October 2, 2020 | |
Backup policies support a new | September 24, 2020 | |
Organizations supports tag-on-create and tag-based access control | You can add tags to Organizations resources when you create them. You can use tag policies to standardize tag usage on Organizations resources. You can use IAM policies to restrict access to only resources that have specified tag keys and values. | September 15, 2020 |
You can aggregate AWS Health events across accounts in your organization. | August 4, 2020 | |
You can use AI services opt-out policies to control whether AWS AI services may store and use customer content processed by those services (AI content) for the development and continuous improvement of AWS AI services and technologies. | July 8, 2020 | |
You can use backup policies to create and enforce backup policies across all of the accounts in your organization. | June 24, 2020 | |
Enables you to delegate administrative access for Access Analyzer in your organization to a designated member account. | March 30, 2020 | |
You can create a service-managed stack set to deploy stack instances to accounts managed by AWS Organizations. | February 11, 2020 | |
Compute Optimizer was added as a service that can work with accounts in your organization. | February 4, 2020 | |
You can use tag policies to help standardize tags across resources in your organization's accounts. | November 26, 2019 | |
You can synchronize operations data across all AWS accounts in your organization in Systems Manager Explorer. | November 26, 2019 | |
New global condition key checks the AWS Organizations path for the IAM user, IAM role, or AWS account root user who is making the request. | November 20, 2019 | |
You can use AWS Config API operations to manage AWS Config rules across all AWS accounts in your organization. | July 8, 2019 | |
Service Quotas added as a service that can work with the accounts in your organization. | June 24, 2019 | |
AWS Control Tower added as a service that can work with the accounts in your organization. | June 24, 2019 | |
IAM provides service last accessed data for your organization's entities (the organization root, OUs, and accounts). You can use this data to restrict access to only the AWS services that you need. | June 20, 2019 | |
You can tag and untag accounts in your organization and view tags on an account in your organization. | June 6, 2019 | |
Resources, conditions, and the | You can now specify resources, conditions, and the | March 25, 2019 |
AWS License Manager and Service Catalog added as services that can work with the accounts in your organization. | December 21, 2018 | |
AWS CloudTrail and AWS RAM added as services that can work with the accounts in your organization. | December 4, 2018 | |
AWS Directory Service added as a service that can work with the accounts in your organization. | September 25, 2018 | |
You must verify that you own the email address that is associated with the management account before you can invite existing accounts to your organization. | September 20, 2018 | |
| June 28, 2018 | |
AWS Artifact added as a service that can work with the accounts in your organization. | June 20, 2018 | |
AWS Config and AWS Firewall Manager added as services that can work with the accounts in your organization. | April 18, 2018 | |
You can now enable or disable access for select AWS services to work in the accounts in your organization. IAM Identity Center is the initial supported trusted service. | March 29, 2018 | |
You can now remove accounts that were created from within AWS Organizations without contacting AWS Support. | December 19, 2017 | |
AWS Organizations now supports integration with AWS IAM Identity Center (IAM Identity Center). | December 7, 2017 | |
AWS added a service-linked role to all organization accounts | A service-linked role named | October 11, 2017 |
You can now remove created accounts | Customers can now remove created accounts from their organization, with help from AWS Support. | June 15, 2017 |
Initial version of the AWS Organizations documentation that accompanied the launch of the new service. | February 17, 2017 |
