AmazonIdentityManagementServiceClient.EnableOrganizationsRootSessions Method (EnableOrganizationsRootSessionsRequest)

Allows the management account or delegated administrator to perform privileged tasks on member accounts in your organization. For more information, see Centrally manage root access for member accounts in the Identity and Access Management User Guide.

Before you enable this feature, you must have an account configured with the following settings:

You must manage your Amazon Web Services accounts in Organizations.
Enable trusted access for Identity and Access Management in Organizations. For details, see IAM and Organizations in the Organizations User Guide.

Note:

For .NET Core this operation is only available in asynchronous form. Please refer to EnableOrganizationsRootSessionsAsync.

Namespace: Amazon.IdentityManagement
Assembly: AWSSDK.IdentityManagement.dll
Version: 3.x.y.z

Syntax

public virtual EnableOrganizationsRootSessionsResponse EnableOrganizationsRootSessions(
         EnableOrganizationsRootSessionsRequest request
)

Parameters

request: Type: Amazon.IdentityManagement.Model.EnableOrganizationsRootSessionsRequest

Container for the necessary parameters to execute the EnableOrganizationsRootSessions service method.

Return Value

Type: EnableOrganizationsRootSessionsResponse

The response from the EnableOrganizationsRootSessions service method, as returned by IdentityManagementService.

Exceptions

Exception	Condition
AccountNotManagementOrDelegatedAdministratorException	The request was rejected because the account making the request is not the management account or delegated administrator account for centralized root access.
CallerIsNotManagementAccountException	The request was rejected because the account making the request is not the management account for the organization.
OrganizationNotFoundException	The request was rejected because no organization is associated with your account.
OrganizationNotInAllFeaturesModeException	The request was rejected because your organization does not have All features enabled. For more information, see Available feature sets in the Organizations User Guide.
ServiceAccessNotEnabledException	The request was rejected because trusted access is not enabled for IAM in Organizations. For details, see IAM and Organizations in the Organizations User Guide.

Examples

The following command allows the management account or delegated administrator to perform privileged tasks on member accounts in your organization.

To enable the RootSessions feature in your organization


var client = new AmazonIdentityManagementServiceClient();
var response = client.EnableOrganizationsRootSessions(new EnableOrganizationsRootSessionsRequest 
{
});

List<string> enabledFeatures = response.EnabledFeatures;
string organizationId = response.OrganizationId;

Version Information

.NET Framework:
Supported in: 4.5 and newer, 3.5

AmazonIdentityManagementServiceClient.EnableOrganizationsRootSessions (EnableOrganizationsRootSessionsRequest)

Method