2 Answers
- Newest
- Most votes
- Most comments
1
Some options/ideas
-
Use OrganizationAccountAccessRole or Create a role in each memeber account and assume that role from the management account to create the S3 Bucket
-
Use cloudformation stack that automaticlly creates an S3 bucket in member accounts whent they join the org
-
Use IAC (Cloudformation/Terraform) to create the new member account and S3 bucket at the same time.
1
Best practice is to not use the root account or create root access keys unless absolutely necessary. You can use roles within both accounts to accomplish what you want to do.
Relevant content
- AWS OFFICIALUpdated 2 months ago
- How do I move an account from an existing organization to another organization in AWS Organizations?AWS OFFICIALUpdated 17 days ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 2 years ago
If I want to create a role in each member account, I will need to login into the specific account through the console and create the role for it. I don't want to do that, I want to create all member accounts through API, and create buckets in the member accounts through API and never use the console (only the first time when I am setting everything up for the Main-Account)