使用 AWS Organizations 管理待处理的账户邀请 - AWS Organizations

使用 AWS Organizations 管理待处理的账户邀请

登录到管理账户后,您可以查看组织中的所有关联AWS 账户并取消任何待处理(未结)邀请。为此,请完成以下步骤。

最小权限

要管理组织的待处理邀请,您必须拥有以下权限:

  • organizations:DescribeOrganization – 仅当使用 Organizations 控制台时才需要

  • organizations:ListHandshakesForOrganization

  • organizations:CancelHandshake

AWS Management Console
查看或取消从您的组织发送到其他账户的邀请
  1. 登录 AWS Organizations 控制台。您必须以 IAM 用户的身份登录,担任 IAM 角色;或在组织的管理账户中以根用户的身份登录(不推荐)。

  2. 导航到 Invitations (邀请) 页面。

    此页面显示从您的组织发送的所有邀请及其当前状态。

    注意

    已接受、已取消和已拒绝的邀请将继续在列表中显示 30 天。之后,这些邀请将被删除,不再在列表中显示。

  3. 选择要取消的邀请旁边的单选按钮 Blue circular icon with a white checkmark symbol in the center. ,然后选择 Cancel invitation (取消邀请)。如果单选按钮呈灰色,则无法取消该邀请。

    邀请的状态将从 Open (待接受) 更改为 Canceled (已取消)

    AWS 会发送电子邮件消息到账户拥有者,说明您已取消邀请。除非您发送新邀请,否则账户无法再加入组织。

AWS CLI & AWS SDKs
查看或取消从您的组织发送到其他账户的邀请

您可以使用以下命令来查看或取消邀请:

  • AWS CLI:list-handshakes-for-organizationcancel-handshake

  • 以下示例显示了此组织向其他账户发送的邀请。

    $ aws organizations list-handshakes-for-organization { "Handshakes": [ { "Action": "INVITE", "Arn": "arn:aws:organizations::111111111111:handshake/o-exampleorgid/invite/h-examplehandshakeid111", "ExpirationTimestamp": 1482952459.257, "Id": "h-examplehandshakeid111", "Parties": [ { "Id": "o-exampleorgid", "Type": "ORGANIZATION" }, { "Id": "juan@example.com", "Type": "EMAIL" } ], "RequestedTimestamp": 1481656459.257, "Resources": [ { "Resources": [ { "Type": "MASTER_EMAIL", "Value": "bill@amazon.com" }, { "Type": "MASTER_NAME", "Value": "Management Account" }, { "Type": "ORGANIZATION_FEATURE_SET", "Value": "FULL" } ], "Type": "ORGANIZATION", "Value": "o-exampleorgid" }, { "Type": "EMAIL", "Value": "juan@example.com" }, { "Type":"NOTES", "Value":"This is an invitation to Juan's account to join Bill's organization." } ], "State": "OPEN" }, { "Action": "INVITE", "State":"ACCEPTED", "Arn": "arn:aws:organizations::111111111111:handshake/o-exampleorgid/invite/h-examplehandshakeid111", "ExpirationTimestamp": 1.471797437427E9, "Id": "h-examplehandshakeid222", "Parties": [ { "Id": "o-exampleorgid", "Type": "ORGANIZATION" }, { "Id": "anika@example.com", "Type": "EMAIL" } ], "RequestedTimestamp": 1.469205437427E9, "Resources": [ { "Resources": [ { "Type":"MASTER_EMAIL", "Value":"bill@example.com" }, { "Type":"MASTER_NAME", "Value":"Management Account" } ], "Type":"ORGANIZATION", "Value":"o-exampleorgid" }, { "Type":"EMAIL", "Value":"anika@example.com" }, { "Type":"NOTES", "Value":"This is an invitation to Anika's account to join Bill's organization." } ] } ] }

    以下示例说明如何取消对账户的邀请。

    $ aws organizations cancel-handshake --handshake-id h-examplehandshakeid111 { "Handshake": { "Id": "h-examplehandshakeid111", "State":"CANCELED", "Action": "INVITE", "Arn": "arn:aws:organizations::111111111111:handshake/o-exampleorgid/invite/h-examplehandshakeid111", "Parties": [ { "Id": "o-exampleorgid", "Type": "ORGANIZATION" }, { "Id": "susan@example.com", "Type": "EMAIL" } ], "Resources": [ { "Type": "ORGANIZATION", "Value": "o-exampleorgid", "Resources": [ { "Type": "MASTER_EMAIL", "Value": "bill@example.com" }, { "Type": "MASTER_NAME", "Value": "Management Account" }, { "Type": "ORGANIZATION_FEATURE_SET", "Value": "CONSOLIDATED_BILLING" } ] }, { "Type": "EMAIL", "Value": "anika@example.com" }, { "Type": "NOTES", "Value": "This is a request for Susan's account to join Bob's organization." } ], "RequestedTimestamp": 1.47008383521E9, "ExpirationTimestamp": 1.47137983521E9 } }
  • AWS SDK:ListHandshakesForOrganizationCancelHandshake