Disabling resource sharing with AWS Organizations

If you previously enabled sharing with AWS Organizations and you no longer need to share resources with your entire organization or organizational units (OUs), you can disable sharing. When you disable sharing with AWS Organizations, all organizations or OUs are removed from the resource shares that you have created and they lose access to the shared resources. External accounts (accounts added to the resource share via invitation) will not be impacted, and will continue to be associated with the resource share.

To disable sharing with AWS Organizations

Disable trusted access to AWS Organizations using the AWS Organizations disable-aws-service-access AWS CLI command.
```
$  aws organizations disable-aws-service-access --service-principal ram.amazonaws.com
```
Important
When you disable trusted access to AWS Organizations, principals within your organizations are removed from all resource shares and lose access to those shared resources.
Use the IAM console, the AWS CLI, or the IAM API operations to delete the AWSServiceRoleForResourceAccessManager service-linked role. For more information, see Deleting a service-linked role in the IAM User Guide.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Example SCPs

Logging and monitoring

Disabling resource sharing with AWS Organizations

To disable sharing with AWS Organizations

Important