Service-linked roles for AWS Organization discovery in AWS Data Exchange
AWS Data Exchange uses the service-linked role named AWSServiceRoleForAWSDataExchangeOrganizationDiscovery. This role allows AWS Data Exchange to retrieve information about your AWS organization to determine eligibility for AWS Data Exchange data grants license distribution.
Note: This role is only needed in the AWS Organization's management account.
The AWSServiceRoleForAWSDataExchangeOrganizationDiscovery service-linked role trusts the following services to assume the role:
- organization-discovery.dataexchange.amazonaws.com
The role permissions policy named AWSDataExchangeServiceRolePolicyForOrganizationDiscovery allows AWS Data Exchange to complete the following actions on the specified resources:
- Actions:
  - organizations:DescribeOrganization
  - organizations:DescribeAccount
  - organizations:ListAccounts
- Resources:
  - All resources (*)
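One way to check a role's trust and permissions documents against the service principal and actions listed above, as an added example (not AWS's code). The policy documents, the account ID and the function names are constructed for illustration; in practice the documents would come from your own IAM export.

```python
# Expected values, taken from the page's description of the role.
EXPECTED_PRINCIPAL = "Service:organization-discovery.dataexchange.amazonaws.com"
EXPECTED_ACTIONS = {"organizations:describeorganization",
                    "organizations:describeaccount", "organizations:listaccounts"}

def as_list(value):
    """IAM accepts a single string or a list for most policy elements."""
    return [] if value is None else value if isinstance(value, list) else [value]

def allow_statements(doc):
    return [s for s in as_list(doc.get("Statement")) if s.get("Effect") == "Allow"]

def audit_role(trust_doc, perm_doc):
    """Return findings; an empty list means both documents match the page."""
    findings, principals, actions = [], set(), set()
    for stmt in allow_statements(trust_doc):
        principal = stmt.get("Principal", {})
        if principal == "*":  # bare wildcard form of Principal
            principal = {"AWS": "*"}
        for kind, values in principal.items():
            principals.update(f"{kind}:{v}" for v in as_list(values))
    for stmt in allow_statements(perm_doc):
        # IAM action names are case-insensitive, so compare in lower case.
        actions.update(a.lower() for a in as_list(stmt.get("Action")))
    findings += [f"unexpected trusted principal: {p}"
                 for p in sorted(principals - {EXPECTED_PRINCIPAL})]
    if EXPECTED_PRINCIPAL not in principals:
        findings.append("expected service principal is not trusted")
    findings += [f"unexpected action: {a}" for a in sorted(actions - EXPECTED_ACTIONS)]
    findings += [f"missing action: {a}" for a in sorted(EXPECTED_ACTIONS - actions)]
    return findings

# Constructed sample documents (not copied from AWS), shaped like IAM policy JSON.
TRUST_OK = {"Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"Service": "organization-discovery.dataexchange.amazonaws.com"}}]}
PERMS_OK = {"Statement": [{
    "Effect": "Allow", "Resource": "*",
    "Action": ["organizations:DescribeOrganization",
               "organizations:DescribeAccount", "organizations:ListAccounts"]}]}
# Constructed drifted copy: an extra account principal and a wildcard action.
TRUST_BAD = {"Statement": {
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"Service": "organization-discovery.dataexchange.amazonaws.com",
                  "AWS": "arn:aws:iam::111122223333:root"}}}
PERMS_BAD = {"Statement": [{"Effect": "Allow", "Resource": "*", "Action": "organizations:*"}]}

if __name__ == "__main__":
    print(audit_role(TRUST_OK, PERMS_OK), audit_role(TRUST_BAD, PERMS_BAD))
```

A wildcard such as `organizations:*` is reported both as an unexpected action and as three missing actions, because the check compares literal action names rather than expanding wildcards.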
For more information about the AWSDataExchangeServiceRolePolicyForOrganizationDiscovery role, see AWS managed policy: AWSDataExchangeServiceRolePolicyForOrganizationDiscovery.
For more information about using the AWSServiceRoleForAWSDataExchangeOrganizationDiscovery service-linked role, see Using service-linked roles for AWS Data Exchange.
You must configure permissions to allow your users, groups, or roles to create, edit, or delete a service-linked role. For more information, see Service-linked role permissions in the IAM User Guide.