IAM / Client / enable_organizations_root_sessions
enable_organizations_root_sessions#
- IAM.Client.enable_organizations_root_sessions()#
Allows the management account or delegated administrator to perform privileged tasks on member accounts in your organization. For more information, see Centrally manage root access for member accounts in the Identity and Access Management User Guide.
Before you enable this feature, you must have an account configured with the following settings:
You must manage your Amazon Web Services accounts in Organizations.
Enable trusted access for Identity and Access Management in Organizations. For details, see IAM and Organizations in the Organizations User Guide.
See also: AWS API Documentation
Request Syntax
response = client.enable_organizations_root_sessions()
- Return type:
dict
- Returns:
Response Syntax
{ 'OrganizationId': 'string', 'EnabledFeatures': [ 'RootCredentialsManagement'|'RootSessions', ] }
Response Structure
(dict) –
OrganizationId (string) –
The unique identifier (ID) of an organization.
EnabledFeatures (list) –
The features you have enabled for centralized root access.
(string) –
Exceptions
IAM.Client.exceptions.ServiceAccessNotEnabledExceptionIAM.Client.exceptions.AccountNotManagementOrDelegatedAdministratorExceptionIAM.Client.exceptions.OrganizationNotFoundExceptionIAM.Client.exceptions.OrganizationNotInAllFeaturesModeExceptionIAM.Client.exceptions.CallerIsNotManagementAccountException