Seleccione sus preferencias de cookies

Usamos cookies esenciales y herramientas similares que son necesarias para proporcionar nuestro sitio y nuestros servicios. Usamos cookies de rendimiento para recopilar estadísticas anónimas para que podamos entender cómo los clientes usan nuestro sitio y hacer mejoras. Las cookies esenciales no se pueden desactivar, pero puede hacer clic en “Personalizar” o “Rechazar” para rechazar las cookies de rendimiento.

Si está de acuerdo, AWS y los terceros aprobados también utilizarán cookies para proporcionar características útiles del sitio, recordar sus preferencias y mostrar contenido relevante, incluida publicidad relevante. Para aceptar o rechazar todas las cookies no esenciales, haga clic en “Aceptar” o “Rechazar”. Para elegir opciones más detalladas, haga clic en “Personalizar”.

EnableOrganizationsRootSessions - AWS Identity and Access Management
Esta página no se ha traducido a su idioma. Solicitar traducción

EnableOrganizationsRootSessions

Allows the management account or delegated administrator to perform privileged tasks on member accounts in your organization. For more information, see Centrally manage root access for member accounts in the AWS Identity and Access Management User Guide.

Before you enable this feature, you must have an account configured with the following settings:

  • You must manage your AWS accounts in AWS Organizations.

  • Enable trusted access for AWS Identity and Access Management in AWS Organizations. For details, see IAM and AWS Organizations in the AWS Organizations User Guide.

Response Elements

The following elements are returned by the service.

EnabledFeatures.member.N

The features you have enabled for centralized root access.

Type: Array of strings

Valid Values: RootCredentialsManagement | RootSessions

OrganizationId

The unique identifier (ID) of an organization.

Type: String

Length Constraints: Maximum length of 34.

Pattern: ^o-[a-z0-9]{10,32}$

Errors

For information about the errors that are common to all actions, see Common Errors.

AccountNotManagementOrDelegatedAdministrator

The request was rejected because the account making the request is not the management account or delegated administrator account for centralized root access.

HTTP Status Code: 400

CallerIsNotManagementAccount

The request was rejected because the account making the request is not the management account for the organization.

HTTP Status Code: 400

OrganizationNotFound

The request was rejected because no organization is associated with your account.

HTTP Status Code: 400

OrganizationNotInAllFeaturesMode

The request was rejected because your organization does not have All features enabled. For more information, see Available feature sets in the AWS Organizations User Guide.

HTTP Status Code: 400

ServiceAccessNotEnabled

The request was rejected because trusted access is not enabled for IAM in AWS Organizations. For details, see IAM and AWS Organizations in the AWS Organizations User Guide.

HTTP Status Code: 400

Examples

Example

This example illustrates one usage of EnableOrganizationsRootSessions.

Sample Request

https://iam.amazonaws.com/?Action=EnableOrganizationsRootSessions &Version=2010-05-08 &AUTHPARAMS

Sample Response

<EnableOrganizationsRootSessionsResponse xmlns="https://iam.amazonaws.com/doc/2024-11-03/"> <ResponseMetadata> <EnabledFeatures> <member><RootCredentialsManagement></member> <member><RootSessions></member> </EnabledFeatures> <OrganizationId>o111122223333</OrganizationId> </ResponseMetadata> </EnableOrganizationsRootSessionsResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

PrivacidadTérminos del sitioPreferencias de cookies
© 2025, Amazon Web Services, Inc o sus afiliados. Todos los derechos reservados.