Required role for AWS Member Account Migration to another AWS Organization account


Which role (IAM permissions) do I need in the destination AWS Org account to migrate an AWS account from its current AWS Organization account?

Asked 2 months ago · 162 views

If you need to migrate an AWS account from one organization to another, the first action would be to leave the current organization and after that join another.

To leave an AWS organization, you must have the following permissions:

- organizations:DescribeOrganization – required only when using the Organizations console.
- organizations:LeaveOrganization – Note that the organization administrator can apply a policy to your account that removes this permission, preventing you from removing your account from the organization.
- If you sign in as an IAM user and the account is missing payment information, the user must have either aws-portal:ModifyBilling and aws-portal:ModifyPaymentMethods permissions (if the account has not yet migrated to fine-grained permissions) OR payments:CreatePaymentInstrument and payments:UpdatePaymentPreferences permissions (if the account has migrated to fine-grained permissions).

Also, the member account must have IAM user access to billing enabled. If this isn't already enabled, see Activating Access to the Billing and Cost Management Console in the AWS Billing User Guide.

After that, you need to invite the account from the Management account on the destination organization.

To invite an AWS account to join your organization, you must have the following permissions:

- organizations:DescribeOrganization (console only)
- organizations:InviteAccountToOrganization

Answered 2 months ago
Reviewed 2 months ago
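A pre-flight check for the two steps in the answer above, as an added example that is not part of the original post or AWS tooling: it reports which of the listed `organizations:` actions a principal would be refused, including the case where an organization policy (such as a service control policy) denies `organizations:LeaveOrganization`. Assumptions: the policy documents and the `missing_actions` helper are constructed for illustration, evaluation is simplified (no `Condition`, `Resource`, `NotAction` or permissions boundaries), and the billing permissions are not checked.

```python
from fnmatch import fnmatchcase

# Actions named in the answer above.
LEAVE_ACTIONS = ["organizations:DescribeOrganization",
                 "organizations:LeaveOrganization"]
INVITE_ACTIONS = ["organizations:DescribeOrganization",
                  "organizations:InviteAccountToOrganization"]

def _statements(policy):
    stmts = policy.get("Statement", [])
    return [stmts] if isinstance(stmts, dict) else stmts

def _matches(stmt, action):
    patterns = stmt.get("Action", [])
    if isinstance(patterns, str):
        patterns = [patterns]
    # IAM action names are case-insensitive; * and ? act as wildcards.
    return any(fnmatchcase(action.lower(), p.lower()) for p in patterns)

def missing_actions(required, identity_policies, scps=()):
    """Return {action: reason} for every required action that would be refused.

    scps: policies the organization applies to the account. Leave empty for the
    management account, which SCPs do not restrict.
    """
    missing = {}
    for action in required:
        def hit(policies, effect):
            return any(s.get("Effect") == effect and _matches(s, action)
                       for p in policies for s in _statements(p))
        if hit(list(identity_policies) + list(scps), "Deny"):
            missing[action] = "explicit deny"      # a deny always wins
        elif not hit(identity_policies, "Allow"):
            missing[action] = "no identity-policy allow"
        elif scps and not hit(scps, "Allow"):
            missing[action] = "not allowed by SCP"
    return missing

# Constructed sample policies (not taken from any real account).
MEMBER_ADMIN = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "organizations:*", "Resource": "*"}]}
SCP_FULL_ACCESS = {"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": "*", "Resource": "*"}}
SCP_BLOCK_LEAVE = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Deny", "Action": "organizations:LeaveOrganization", "Resource": "*"}]}
DEST_READ_ONLY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["organizations:Describe*"], "Resource": "*"}]}

if __name__ == "__main__":
    print(missing_actions(LEAVE_ACTIONS, [MEMBER_ADMIN], [SCP_FULL_ACCESS, SCP_BLOCK_LEAVE]))
    print(missing_actions(INVITE_ACTIONS, [DEST_READ_ONLY]))
```

An empty result means every listed action is allowed under this simplified model; a real account should still be confirmed against its full set of attached policies.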
