aws.organizations.account
**Autogenerated function**
Removes the specified account from the organization.The removed account becomes a standalone
account that isn't a member of any organization. It's no longer subject to any policies and
is responsible for its own bill payments. The organization's management account is no longer
charged for any expenses accrued by the member account after it's removed from the organization.
This operation can be called only from the organization's management account. Member accounts
can remove themselves with LeaveOrganization instead.
Args:
name(Text): Name of the member account
resource_id(Text): AWS account ID to identify the resource
Returns:
Dict[str, Any]
Examples:
.. code-block:: sls
[account_id]:
aws.organizations.organization.absent:
- name: value
**Autogenerated function**
Lists all the accounts in the organization. To request only the accounts in a specified root or organizational
unit (OU), use the ListAccountsForParent operation instead.
Returns:
Dict[str, Any]
Examples:
.. code-block:: bash
$ idem describe aws.organizations.account
**Autogenerated function**
Creates an AWS account that is automatically a member of the organization whose credentials made the request.
This is an asynchronous request that AWS performs in the background. Because CreateAccount operates asynchronously,
it can return a successful completion message even though account initialization might still be in progress.
You might need to wait a few minutes before you can successfully access the account
Args:
name(Text): The friendly name of the member account.
email(Text): The email address of the owner to assign to the new member account. This email
address must not already be associated with another AWS account
role_name(Text,Optional): The name of an IAM role that AWS Organizations automatically preconfigures in the
new member account. This role trusts the management account, allowing users in the
management account to assume the role, as permitted by the management account
administrator. The role has administrator permissions in the new member account.
If you don't specify this parameter, the role name defaults to OrganizationAccountAccessRole.
iam_user_access_to_billing(Text,Optional,Default:'ALLOW'): If set to ALLOW , the new account enables IAM users to access account
billing information if they have the required permissions. If set to DENY ,
only the root user of the new account can access account billing information.
resource_id(Text,Optional): AWS account ID to identify the resource
parent_id(Text,Optional): Parent Organizational Unit ID or Root ID for the account. Defaults to the Organization default Root ID
tags(List or Dict, optional): list of tags in the format of [{"Key": tag-key, "Value": tag-value}] or dict in the format of
{tag-key: tag-value}
Request Syntax:
[account-id]:
aws.organizations.account.present:
- name: 'string'
- resource_id: 'string'
- email: 'string'
- role_name: 'string'
- iam_user_access_to_billing: 'string'
- parent_id: 'string'
- tags:
- Key: 'string'
Value: 'string'
Returns:
Dict[str, Any]
Examples:
.. code-block:: sls
764144542382:
aws.organizations.account.present:
- name: name_of_new_account
- resource_id: new-account_id
- email: xyz@email.com
- role_name: role_name1
- iam_user_access_to_billing: ALLOW
- parent_id : ou108811
- tags:
- Key: test-key
Value: test-value
- Key: test-key-1
Value: test-key-1
Full plugin documentation is available on the Idem documentation site - aws.organizations.account .