Document history for AWS Organizations
The following table describes major documentation updates for AWS Organizations.
-
API version: 2016-11-28
-
Latest documentation update: December 1, 2024
| Change | Description | Date |
|---|---|---|
You can use declarative policies to centrally declare and enforce desired configurations for a given AWS service at scale across an organization. Once attached, the configuration is always maintained when the service adds new features or APIs. | December 1, 2024 | |
Added the | November 22, 2024 | |
AWS Backup policies updated the | November 14, 2024 | |
You can now manage privileged root user credentials across member accounts in AWS Organizations with centralized root access. Centrally secure the root user credentials of your AWS accounts managed using AWS Organizations to remove and prevent root user credential recovery and access at scale. | November 14, 2024 | |
You can use resource control policies (RCPs) to control the maximum available permissions for resources in an organization. | November 13, 2024 | |
You can use chatbot policies to control access to your organization's accounts from chat applications such as Slack and Microsoft Teams. | September 26, 2024 | |
Scenario-driven content updates | The AWS Organizations documentation was updated to be more scenario-driven throughout the entire guide and content was reorganized to improve readability and discovery. If you have feedback on these changes, use the Provide feedback button at the bottom of a page. | September 4, 2024 |
Added documentation about how opt out from all supported AWS AI services. | August 16, 2024 | |
Organizations now supports 10,000 accounts in an organization | You can now manage up to 10,000 member accounts in an organization, doubling the previous limit of 5,000 accounts. If you have a valid requirement and business need, you can request and be approved for a 10,000 account quota without service limit checks from Organizations or other integrated AWS services. | August 14, 2024 |
Added documentation about how to migrate an account from one organization to another. | August 1, 2024 | |
AWS Backup policies now support Amazon Elastic Block Store (Amazon EBS) snapshot archives. For updated examples, see Updating a backup policy and Backup policy syntax and examples. | July 9, 2024 | |
Added the | June 6, 2024 | |
Organizations now provides the capability to centrally update the root user email address for any member account in an organization. | June 6, 2024 | |
Added new | February 6, 2024 | |
Added links to considerations and detailed steps that walk through how to close a management account. | February 1, 2024 | |
Added new information to the best practices section to help align with IAM best practices. | June 12, 2023 | |
Updated the AWSOrganizationsFullAccess and AWSOrganizationsReadOnlyAccess managed policies | Both managed policies were updated to enable write or read access to contacts for accounts. | October 21, 2022 |
The managed policy was updated to allow creating an organization by adding the permission required to create the service linked role needed by a new organization. | August 24, 2022 | |
Organizations close account capability from the AWS Organizations console | Principals in the management account can close member accounts from the AWS Organizations console, and protect member accounts from accidental closure by using IAM policies. | March 29, 2022 |
Updated announcement to update alternate contacts with AWS Organizations console | Organizations now provides ability to update alternate contacts for accounts within your organization using the AWS Organizations console. Announce new capability and points to Account Management Reference for instructions. | February 8, 2022 |
Organizations managed policy updates - Update to an existing policy | Updated the AWSOrganizationsFullAccess and AWSOrganizationsReadOnlyAccess managed policies to allow account API permissions required to update or view account alternate contacts via the AWS Organizations console. | February 7, 2022 |
You can integrate Amazon DevOps Guru with AWS Organizations to monitor application health holistically across all of your organization accounts and gain insights. | January 3, 2022 | |
You can integrate Amazon Detective with AWS Organizations to ensure that your Detective behavior graph provides visibility into the activity for all of your organization accounts. | December 16, 2021 | |
Organizations integration with AWS Config now supports multi-account multi-region data aggregation. | You can use a delegated administrator account to aggregate resource configuration and compliance data from all of the member accounts your organization. For more information, see Multi-account multi-region data aggregationin the AWS Config Developer Guide. | June 16, 2021 |
You can now designate a member account in your organization to be the Firewall Manager administrator for the entire organization. This allows for better separation of permissions from the organization's management account. | April 30, 2021 | |
You can use the AWS Backup continuous backups feature with your organization's backup policies. | March 10, 2021 | |
You can now designate a member account in your organization to be the AWS CloudFormation StackSets administrator for the entire organization. This allows for better separation of permissions from the organization's management account. | February 18, 2021 | |
AWS updated the process to enable all features in an organization. You can now continue to invite new accounts to join your organization while you wait for existing accounts to respond to their invitations. | February 3, 2021 | |
Introduces version 2.0 of the AWS Organizations console | AWS introduced a new version of the AWS console. All of the documentation has been updated to reflect the new way of performing tasks. | January 21, 2021 |
You can now enable AWS Marketplace to more easily share your software licenses across all of the accounts in your organization. | December 3, 2020 | |
Amazon S3 Lens supports both trusted access and delegated administrator with Organizations. For details, see Amazon S3 Storage Lens in the Amazon Simple Storage Service User Guide. | November 18, 2020 | |
When you use backup policies to backup the resources in your organization, you can now store copies of your backup in other AWS accounts in the organization. | November 18, 2020 | |
AWS Regions in China now support AWS Resource Access Manager as an Organizations trusted service | You can now use AWS RAM features that integrate with Organizations as a trusted service when you use Organizations and AWS RAM in China. | November 18, 2020 |
Organizations now supports integration with AWS Security Hub | You can enable Security Hub across all of the accounts in your organization, and designate one of your organization's member accounts as the delegated administrator account for Security Hub. | November 12, 2020 |
Renamed the master account | AWS Organizations changed the name of the “master account” to “management account”. This is a name change only, and there is no change in functionality. | October 20, 2020 |
Added a new section for best practices for AWS Organizations. The new section includes topics that discuss best practices for the management account and member account root users and password management. | October 6, 2020 | |
There is a new section for topics that describe best practices for AWS Organizations. This update includes a topic for best practices for an organization's management account and a topic for best practices for member accounts. | October 2, 2020 | |
Backup policies support a new | September 24, 2020 | |
Organizations supports tag-on-create and tag-based access control | You can add tags to Organizations resources when you create them. You can use tag policies to standardize tag usage on Organizations resources. You can use IAM policies to restrict access to only resources that have specified tag keys and values. | September 15, 2020 |
You can aggregate AWS Health events across accounts in your organization. | August 4, 2020 | |
You can use AI services opt-out policies to control whether AWS AI services may store and use customer content processed by those services (AI content) for the development and continuous improvement of AWS AI services and technologies. | July 8, 2020 | |
You can use backup policies to create and enforce backup policies across all of the accounts in your organization. | June 24, 2020 | |
Enables you to delegate administrative access for Access Analyzer in your organization to a designated member account. | March 30, 2020 | |
You can create a service-managed stack set to deploy stack instances to accounts managed by AWS Organizations. | February 11, 2020 | |
Compute Optimizer was added as a service that can work with accounts in your organization. | February 4, 2020 | |
You can use tag policies to help standardize tags across resources in your organization's accounts. | November 26, 2019 | |
You can synchronize operations data across all AWS accounts in your organization in Systems Manager Explorer. | November 26, 2019 | |
New global condition key checks the AWS Organizations path for the IAM user, IAM role, or AWS account root user who is making the request. | November 20, 2019 | |
You can use AWS Config API operations to manage AWS Config rules across all AWS accounts in your organization. | July 8, 2019 | |
Service Quotas added as a service that can work with the accounts in your organization. | June 24, 2019 | |
AWS Control Tower added as a service that can work with the accounts in your organization. | June 24, 2019 | |
IAM provides service last accessed data for your organization's entities (the organization root, OUs, and accounts). You can use this data to restrict access to only the AWS services that you need. | June 20, 2019 | |
You can tag and untag accounts in your organization and view tags on an account in your organization. | June 6, 2019 | |
Resources, conditions, and the | You can now specify resources, conditions, and the | March 25, 2019 |
AWS License Manager and Service Catalog added as services that can work with the accounts in your organization. | December 21, 2018 | |
AWS CloudTrail and AWS RAM added as services that can work with the accounts in your organization. | December 4, 2018 | |
AWS Directory Service added as a service that can work with the accounts in your organization. | September 25, 2018 | |
You must verify that you own the email address that is associated with the management account before you can invite existing accounts to your organization. | September 20, 2018 | |
| June 28, 2018 | |
AWS Artifact added as a service that can work with the accounts in your organization. | June 20, 2018 | |
AWS Config and AWS Firewall Manager added as services that can work with the accounts in your organization. | April 18, 2018 | |
You can now enable or disable access for select AWS services to work in the accounts in your organization. IAM Identity Center is the initial supported trusted service. | March 29, 2018 | |
You can now remove accounts that were created from within AWS Organizations without contacting AWS Support. | December 19, 2017 | |
AWS Organizations now supports integration with AWS IAM Identity Center (IAM Identity Center). | December 7, 2017 | |
AWS added a service-linked role to all organization accounts | A service-linked role named | October 11, 2017 |
You can now remove created accounts | Customers can now remove created accounts from their organization, with help from AWS Support. | June 15, 2017 |
Initial version of the AWS Organizations documentation that accompanied the launch of the new service. | February 17, 2017 |
