RAM / Client / enable_sharing_with_aws_organization

enable_sharing_with_aws_organization#

RAM.Client.enable_sharing_with_aws_organization()#

Enables resource sharing within your organization in Organizations. This operation creates a service-linked role called AWSServiceRoleForResourceAccessManager that has the IAM managed policy named AWSResourceAccessManagerServiceRolePolicy attached. This role permits RAM to retrieve information about the organization and its structure. This lets you share resources with all of the accounts in the calling account’s organization by specifying the organization ID, or all of the accounts in an organizational unit (OU) by specifying the OU ID. Until you enable sharing within the organization, you can specify only individual Amazon Web Services accounts, or for supported resource types, IAM roles and users.

You must call this operation from an IAM role or user in the organization’s management account.

See also: AWS API Documentation

Request Syntax

response = client.enable_sharing_with_aws_organization()
Return type:

dict

Returns:

Response Syntax

{
    'returnValue': True|False
}

Response Structure

  • (dict) –

    • returnValue (boolean) –

      A return value of true indicates that the request succeeded. A value of false indicates that the request failed.

Exceptions

  • RAM.Client.exceptions.OperationNotPermittedException

  • RAM.Client.exceptions.ServerInternalException

  • RAM.Client.exceptions.ServiceUnavailableException