Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account
GetAccountLevelServiceConfiguration - AWS Resource Explorer
Request SyntaxURI Request ParametersRequest BodyResponse SyntaxResponse ElementsErrorsExamplesSee Also

GetAccountLevelServiceConfiguration

PDF

Retrieves the status of your account's AWS service access, and validates the service linked role required to access the multi-account search feature. Only the management account can invoke this API call.

Minimum permissions

To call this operation, you must have the following permissions:

  • Action: resource-explorer-2:GetAccountLevelServiceConfiguration

    Resource: No specific resource (*).

Request Syntax

POST /GetAccountLevelServiceConfiguration HTTP/1.1

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "OrgConfiguration": { 
      "AWSServiceAccessStatus": "string",
      "ServiceLinkedRole": "string"
   }
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

OrgConfiguration

Details about the organization, and whether configuration is ENABLED or DISABLED.

Type: OrgConfiguration object

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

The credentials that you used to call this operation don't have the minimum required permissions.

HTTP Status Code: 403

InternalServerException

The request failed because of internal service error. Try your request again later.

HTTP Status Code: 500

ResourceNotFoundException

You specified a resource that doesn't exist. Check the ID or ARN that you used to identity the resource, and try again.

HTTP Status Code: 404

ThrottlingException

The request failed because you exceeded a rate limit for this operation. For more information, see Quotas for Resource Explorer.

HTTP Status Code: 429

Examples

Example

The following example shows how to configure Resource Explorer multi-account search for your organization.

Sample Request

POST /GetAccountLevelServiceConfiguration HTTP/1.1
Host: resource-explorer-2.us-east-1.amazonaws.com
X-Amz-Date: 20221101T200059Z
Accept-Encoding: identity
User-Agent: <UserAgentString>
Content-Length: <PayloadSizeBytes>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=<Headers>, Signature=<Signature>

Sample Response

HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 20:00:59 GMT
Content-Type: application/json
Content-Length: <PayloadSizeBytes>

{
    "OrgConfiguration": {
        "AWSServiceAccessStatus": "ENABLED",
        "ServiceLinkedRole": "arn:aws:iam::123456789012:role/aws-service-role/resource-explorer-2.amazonaws.com/AWSServiceRoleForResourceExplorer"
      }
 }

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

Next topic:

GetDefaultView

Need help?

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.