Delegated administrator settings in License Manager - Amazon License Manager
Regions supported for delegated administratorsSupported RegionsRegister a delegated administratorDeregister a delegated administrator
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Delegated administrator settings in License Manager

You can register a delegated administrator to perform administrative tasks for managed licenses and Linux subscriptions in License Manager. To simplify administration, we recommend using the License Manager console to register a single delegated administrator for each feature of License Manager. When you use this approach, you will have a single delegated administrator in your organization for License Manager.

Using the Amazon CLI or SDKs, you can register different member accounts in your organization as the delegated administrator for each supported feature of License Manager. This results in different member accounts in your organization being able to perform administrative tasks for managed licenses and Linux subscriptions.

Important

To use the delegated administration features in the License Manager console, you must have the same member account registered as the delegated administrator for each feature of License Manager. If you registered more than one member account as the delegated administrator, you first have to deregister the existing member accounts, and then register the same account for each feature of License Manager.

Before you register a delegated administrator, you must enable trusted access with Organizations. For more information, see Inviting an Amazon account to join your organization and Enable trusted access with Amazon Organizations.

The following are the features for which you can register a delegated administrator:

Managed licenses

You can perform administrative tasks, such as sharing self-managed licenses with other member accounts, performing cross-account resource discovery, and distributing managed entitlements to other member accounts.

Linux subscriptions

You can perform administrative tasks, such as viewing and managing commercial Linux subscriptions you own and run across Amazon Web Services Regions and your accounts in Amazon Organizations. You can also create and manage Amazon CloudWatch alarms for your Linux subscriptions. The data must first be discovered and aggregated before it is visible in the License Manager console and any alarms can function if they are configured.

Important

Once registered, the delegated administrator has visibility into EC2 instances owned by accounts in your organization.

You can register and deregister delegated administrators using the Amazon License Manager console, Amazon CLI, or Amazon SDKs.

Regions supported for delegated License Manager administrators

The following Regions support License Manager delegated administrators:

  • US East (Ohio)

  • US East (N. Virginia)

  • US West (N. California)

  • US West (Oregon)

  • Asia Pacific (Mumbai)

  • Asia Pacific (Seoul)

  • Asia Pacific (Singapore)

  • Asia Pacific (Sydney)

  • Asia Pacific (Tokyo)

  • Asia Pacific (Hong Kong)

  • Middle East (Bahrain)

  • Canada (Central)

  • Europe (Frankfurt)

  • Europe (Ireland)

  • Europe (London)

  • Europe (Paris)

  • Europe (Stockholm)

  • Europe (Milan)

  • Africa (Cape Town)

  • South America (São Paulo)

Show moreShow less

Register a delegated License Manager administrator

You can register a delegated administrator using the Amazon CLI or Amazon Web Services Management Console.

Console

To register a delegated administrator using the Amazon License Manager console, perform the following steps:

  1. Sign in to Amazon as the administrator of the management account.

  2. Open the License Manager console at https://console.amazonaws.cn/license-manager/.

  3. Choose Settings from the left navigation pane.

  4. Choose the Delegated administration tab.

  5. Choose Register delegated administrator.

  6. Enter the member account ID to register as the delegated administrator, confirm that you want to grant License Manager the required permissions, and then choose Register.

  7. A message indicates if the specified account has been successfully registered as the delegated administrator License Manager.

Amazon CLI

To register a delegated administrator for managed licenses using the Amazon CLI, perform the following steps:

  1. From the command line, run the following Amazon CLI command:

    aws organizations register-delegated-administrator --service-principal=license-manager.amazonaws.com --account-id=<account-id>

  2. Run the following command to verify that the specified account is successfully registered as the delegated administrator:

    aws organizations list-delegated-administrators --service-principal=license-manager.amazonaws.com

To register a delegated administrator for Linux subscriptions using the Amazon CLI, perform the following steps:

  1. From the command line, run the following Amazon CLI command:

    aws organizations register-delegated-administrator --service-principal=license-manager-linux-subscriptions.amazonaws.com --account-id=<account-id>

  2. Run the following command to verify that the specified account is successfully registered as the delegated administrator:

    aws organizations list-delegated-administrators --service-principal=license-manager-linux-subscriptions.amazonaws.com

Deregister a delegated License Manager administrator

You can deregister a delegated administrator using the Amazon CLI or Amazon Web Services Management Console.

Console

To deregister a delegated administrator using the Amazon License Manager console, perform the following steps:

  1. Sign in to Amazon as the administrator of the management account.

  2. Open the License Manager console at https://console.amazonaws.cn/license-manager/.

  3. Choose Settings from the left navigation pane.

  4. Choose the Delegated administration tab.

  5. Choose Remove.

  6. Enter the text remove to confirm you would like to remove the delegated administrator for License Manager and choose Remove.

  7. A message indicates if the specified account has been successfully removed the delegated administrator for License Manager.

Amazon CLI

To deregister a delegated administrator for managed licenses using the Amazon CLI, perform the following steps:

  1. From the command line, run the following Amazon CLI command:

    aws organizations deregister-delegated-administrator --service-principal=license-manager.amazonaws.com --account-id=<account-id>

  2. Run the following command to verify that the specified account is successfully deregistered as the delegated administrator:

    aws organizations list-delegated-administrators --service-principal=license-manager.amazonaws.com

To deregister a delegated administrator for Linux subscriptions using the Amazon CLI, perform the following steps:

  1. From the command line, run the following Amazon CLI command:

    aws organizations deregister-delegated-administrator --service-principal=license-manager-linux-subscriptions.amazonaws.com --account-id=<account-id>

  2. Run the following command to verify that the specified account is successfully deregistered as the delegated administrator:

    aws organizations list-delegated-administrators --service-principal=license-manager-linux-subscriptions.amazonaws.com

You can register a deregistered account again at any time.