AWS Organizations
User Guide

Document History for AWS Organizations

The following table describes major documentation updates for AWS Organizations.

  • API version: 2016-11-28

Change Description Date

Integration with AWS Config rules

You can use AWS Config APIs to manage AWS Config rules across all AWS accounts in your organization.

July 8, 2019

New service for trusted access

Service Quotas added as a service that can work with the accounts in your organization.

June 24, 2019

Integration with AWS Control Tower

AWS Control Tower added as a service that can work with the accounts in your organization.

June 24, 2019

Integration with AWS Identity and Access Management

IAM provides service last accessed data for your organization's entities (the organization root, OUs, and accounts). You can use this data to restrict access to only the AWS services that you need.

June 20, 2019

Tagging accounts

You can tag and untag accounts in your organization and view tags on an account in your organization.

June 6, 2019

Resources, conditions, and the NotAction element in service control policies (SCPs)

You can now specify resources, conditions, and the NotAction element in SCPs to deny access across accounts in your organization or organizational unit (OU).

March 25, 2019

New services for trusted access

AWS License Manager and AWS Service Catalog added as services that can work with the accounts in your organization.

December 21, 2018

New services for trusted access

AWS CloudTrail and AWS RAM added as services that can work with the accounts in your organization.

December 4, 2018

New service for trusted access

AWS Directory Service added as a service that can work with the accounts in your organization.

September 25, 2018

Email address verification

You must verify that you own the email address that is associated with the master account before you can invite existing accounts to your organization.

September 20, 2018

CreateAccount notifications

CreateAccount notifications are published to the master account's CloudTrail logs.

June 28, 2018

New service for trusted access

AWS Artifact added as a service that can work with the accounts in your organization.

June 20, 2018

New services for trusted access

AWS Config and AWS Firewall Manager added as services that can work with the accounts in your organization.

April 18, 2018

Trusted service access

You can now enable or disable access for select AWS services to work in the accounts in your organization. AWS SSO is the initial supported trusted service.

March 29, 2018

Account removal is now self-service

You can now remove accounts that were created from within AWS Organizations without contacting AWS Support.

December 19, 2017

Added support for new service AWS Single Sign-On

AWS Organizations now supports integration with AWS Single Sign-On (AWS SSO).

December 7, 2017

AWS added a service-linked role to all organization accounts

A service-linked role named AWSServiceRoleForOrganizations is added to all accounts in an organization to enable integration between AWS Organizations and other AWS services.

October 11, 2017

You can now remove created accounts

Customers can now remove created accounts from their organization, with help from AWS Support.

June 15, 2017

Service Launch

Initial version of the AWS Organizations documentation that accompanied the launch of the new service.

February 17, 2017