IAM / Client / disable_organizations_root_sessions

disable_organizations_root_sessions

IAM.Client.disable_organizations_root_sessions()

Disables root user sessions for privileged tasks across member accounts in your organization. When you disable this feature, the management account and the delegated admininstrator for IAM can no longer perform privileged tasks on member accounts in your organization.

See also: AWS API Documentation

Request Syntax

response = client.disable_organizations_root_sessions()

Return type:

dict

Returns:

Response Syntax

{
    'OrganizationId': 'string',
    'EnabledFeatures': [
        'RootCredentialsManagement'|'RootSessions',
    ]
}

Response Structure

• (dict) –

  • OrganizationId (string) –

    The unique identifier (ID) of an organization.

  • EnabledFeatures (list) –

    The features you have enabled for centralized root access of member accounts in your organization.

    • (string) –

Exceptions

• IAM.Client.exceptions.ServiceAccessNotEnabledException

• IAM.Client.exceptions.AccountNotManagementOrDelegatedAdministratorException

• IAM.Client.exceptions.OrganizationNotFoundException

• IAM.Client.exceptions.OrganizationNotInAllFeaturesModeException