Required role for AWS Member Account Migration to another AWS Organization account

0

which role ( IAM Permissions) I need in destination AWS Org Account to migrate an AWS Account from its Current AWS Organization Account

sara
已提问 2 个月前168 查看次数
1 回答
1
已接受的回答

if you need to migrate an AWS account from one organization to another, the first action would be to leave the current organization and after that join another

To leave an AWS organization, you must have the following permissions: organizations:DescribeOrganization – required only when using the Organizations console. organizations:LeaveOrganization – Note that the organization administrator can apply a policy to your account that removes this permission, preventing you from removing your account from the organization. If you sign in as an IAM user and the account is missing payment information, the user must have either aws-portal:ModifyBilling and aws-portal:ModifyPaymentMethods permissions (if the account has not yet migrated to fine-grained permissions) OR payments:CreatePaymentInstrument and payments:UpdatePaymentPreferences permissions (if the account has migrated to fine-grained permissions). Also, the member account must have IAM user access to billing enabled. If this isn't already enabled, see Activating Access to the Billing and Cost Management Console in the AWS Billing User Guide.

https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_leave-as-member.html

after that you need to invite the account from the Management account on the destination organization

To invite an AWS account to join your organization, you must have the following permissions: organizations:DescribeOrganization (console only) organizations:InviteAccountToOrganization

https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_invites.html

profile picture
专家
已回答 2 个月前
profile picture
专家
A_J
已审核 2 个月前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则