register_delegated_administrator

Organizations.Client.register_delegated_administrator(**kwargs)

Enables the specified member account to administer the Organizations features of the specified Amazon Web Services service. It grants read-only access to Organizations service data. The account still requires IAM permissions to access and administer the Amazon Web Services service.

You can run this action only for Amazon Web Services services that support this feature. For a current list of services that support it, see the column Supports Delegated Administrator in the table at Amazon Web Services Services that you can use with Organizations in the Organizations User Guide.

This operation can be called only from the organization's management account.

See also: AWS API Documentation

Request Syntax

response = client.register_delegated_administrator(
    AccountId='string',
    ServicePrincipal='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID number of the member account in the organization to register as a delegated administrator.

  • ServicePrincipal (string) --

    [REQUIRED]

    The service principal of the Amazon Web Services service for which you want to make the member account a delegated administrator.

Returns

None

Exceptions

  • Organizations.Client.exceptions.AccessDeniedException
  • Organizations.Client.exceptions.AccountAlreadyRegisteredException
  • Organizations.Client.exceptions.AccountNotFoundException
  • Organizations.Client.exceptions.AWSOrganizationsNotInUseException
  • Organizations.Client.exceptions.ConcurrentModificationException
  • Organizations.Client.exceptions.ConstraintViolationException
  • Organizations.Client.exceptions.InvalidInputException
  • Organizations.Client.exceptions.TooManyRequestsException
  • Organizations.Client.exceptions.ServiceException
  • Organizations.Client.exceptions.UnsupportedAPIEndpointException