Document history for Amazon Organizations
The following table describes major documentation updates for Amazon Organizations.
-
API version: 2016-11-28
-
Latest documentation update: July 9, 2024
| Change | Description | Date |
|---|---|---|
Amazon Backup policies now support Amazon Elastic Block Store (Amazon EBS) snapshot archives. For updated examples, see Updating a backup policy and Backup policy syntax and examples. | July 9, 2024 | |
Added the | June 6, 2024 | |
Organizations now provides the capability to centrally update the root user email address for any member account in an organization. | June 6, 2024 | |
Added new | February 6, 2024 | |
Added links to considerations and detailed steps that walk through how to close a management account. | February 1, 2024 | |
Added new information to the best practices section to help align with IAM best practices. | June 12, 2023 | |
Updated the AWSOrganizationsFullAccess and AWSOrganizationsReadOnlyAccess managed policies | Both managed policies were updated to enable write or read access to contacts for accounts. | October 21, 2022 |
The managed policy was updated to allow creating an organization by adding the permission required to create the service linked role needed by a new organization. | August 24, 2022 | |
Organizations close account capability from the Amazon Organizations console | Principals in the management account can close member accounts from the Amazon Organizations console, and protect member accounts from accidental closure by using IAM policies. | March 29, 2022 |
Updated announcement to update alternate contacts with Amazon Organizations console | Organizations now provides ability to update alternate contacts for accounts within your organization using the Amazon Organizations console. Announce new capability and points to Account Management Reference for instructions. | February 8, 2022 |
Organizations managed policy updates - Update to an existing policy | Updated the AWSOrganizationsFullAccess and AWSOrganizationsReadOnlyAccess managed policies to allow account API permissions required to update or view account alternate contacts via the Amazon Organizations console. | February 7, 2022 |
You can integrate Amazon DevOps Guru with Amazon Organizations to monitor application health holistically across all of your organization accounts and gain insights. | January 3, 2022 | |
You can integrate Amazon Detective with Amazon Organizations to ensure that your Detective behavior graph provides visibility into the activity for all of your organization accounts. | December 16, 2021 | |
You can use a delegated administrator account to aggregate resource configuration and compliance data from all of the member accounts your organization. For more information, see Multi-account multi-region data aggregationin the Amazon Config Developer Guide. | June 16, 2021 | |
You can now designate a member account in your organization to be the Firewall Manager administrator for the entire organization. This allows for better separation of permissions from the organization's management account. | April 30, 2021 | |
You can use the Amazon Backup continuous backups feature with your organization's backup policies. | March 10, 2021 | |
You can now designate a member account in your organization to be the Amazon CloudFormation StackSets administrator for the entire organization. This allows for better separation of permissions from the organization's management account. | February 18, 2021 | |
Amazon updated the process to enable all features in an organization. You can now continue to invite new accounts to join your organization while you wait for existing accounts to respond to their invitations. | February 3, 2021 | |
Introduces version 2.0 of the Amazon Organizations console | Amazon introduced a new version of the Amazon console. All of the documentation has been updated to reflect the new way of performing tasks. | January 21, 2021 |
Organizations now supports integration with Amazon Web Services Marketplace | You can now enable Amazon Web Services Marketplace to more easily share your software licenses across all of the accounts in your organization. | December 3, 2020 |
Amazon S3 Lens supports both trusted access and delegated administrator with Organizations. For details, see Amazon S3 Storage Lens in the Amazon Simple Storage Service User Guide. | November 18, 2020 | |
When you use backup policies to backup the resources in your organization, you can now store copies of your backup in other Amazon Web Services accounts in the organization. | November 18, 2020 | |
Amazon Web Services Regions in China now support Amazon Resource Access Manager as an Organizations trusted service | You can now use Amazon RAM features that integrate with Organizations as a trusted service when you use Organizations and Amazon RAM in China. | November 18, 2020 |
Organizations now supports integration with Amazon Security Hub | You can enable Security Hub across all of the accounts in your organization, and designate one of your organization's member accounts as the delegated administrator account for Security Hub. | November 12, 2020 |
Renamed the master account | Amazon Organizations changed the name of the “master account” to “management account”. This is a name change only, and there is no change in functionality. | October 20, 2020 |
Added a new section for best practices for Amazon Organizations. The new section includes topics that discuss best practices for the management account and member account root users and password management. | October 6, 2020 | |
There is a new section for topics that describe best practices for Amazon Organizations. This update includes a topic for best practices for an organization's management account and a topic for best practices for member accounts. | October 2, 2020 | |
Backup policies support a new | September 24, 2020 | |
Organizations supports tag-on-create and tag-based access control | You can add tags to Organizations resources when you create them. You can use tag policies to standardize tag usage on Organizations resources. You can use IAM policies to restrict access to only resources that have specified tag keys and values. | September 15, 2020 |
You can aggregate Amazon Health events across accounts in your organization. | August 4, 2020 | |
You can use AI services opt-out policies to control whether Amazon AI services may store and use customer content processed by those services (AI content) for the development and continuous improvement of Amazon AI services and technologies. | July 8, 2020 | |
You can use backup policies to create and enforce backup policies across all of the accounts in your organization. | June 24, 2020 | |
Enables you to delegate administrative access for Access Analyzer in your organization to a designated member account. | March 30, 2020 | |
You can create a service-managed stack set to deploy stack instances to accounts managed by Amazon Organizations. | February 11, 2020 | |
Compute Optimizer was added as a service that can work with accounts in your organization. | February 4, 2020 | |
You can use tag policies to help standardize tags across resources in your organization's accounts. | November 26, 2019 | |
You can synchronize operations data across all Amazon Web Services accounts in your organization in Systems Manager Explorer. | November 26, 2019 | |
New global condition key checks the Amazon Organizations path for the IAM user, IAM role, or Amazon Web Services account root user who is making the request. | November 20, 2019 | |
You can use Amazon Config API operations to manage Amazon Config rules across all Amazon Web Services accounts in your organization. | July 8, 2019 | |
Service Quotas added as a service that can work with the accounts in your organization. | June 24, 2019 | |
Amazon Control Tower added as a service that can work with the accounts in your organization. | June 24, 2019 | |
IAM provides service last accessed data for your organization's entities (the organization root, OUs, and accounts). You can use this data to restrict access to only the Amazon services that you need. | June 20, 2019 | |
You can tag and untag accounts in your organization and view tags on an account in your organization. | June 6, 2019 | |
Resources, conditions, and the | You can now specify resources, conditions, and the | March 25, 2019 |
Amazon License Manager and Service Catalog added as services that can work with the accounts in your organization. | December 21, 2018 | |
Amazon CloudTrail and Amazon RAM added as services that can work with the accounts in your organization. | December 4, 2018 | |
Amazon Directory Service added as a service that can work with the accounts in your organization. | September 25, 2018 | |
You must verify that you own the email address that is associated with the management account before you can invite existing accounts to your organization. | September 20, 2018 | |
| June 28, 2018 | |
Amazon Artifact added as a service that can work with the accounts in your organization. | June 20, 2018 | |
Amazon Config and Amazon Firewall Manager added as services that can work with the accounts in your organization. | April 18, 2018 | |
You can now enable or disable access for select Amazon services to work in the accounts in your organization. IAM Identity Center is the initial supported trusted service. | March 29, 2018 | |
You can now remove accounts that were created from within Amazon Organizations without contacting Amazon Web Services Support. | December 19, 2017 | |
Amazon Organizations now supports integration with Amazon IAM Identity Center (IAM Identity Center). | December 7, 2017 | |
Amazon added a service-linked role to all organization accounts | A service-linked role named | October 11, 2017 |
You can now remove created accounts | Customers can now remove created accounts from their organization, with help from Amazon Web Services Support. | June 15, 2017 |
Initial version of the Amazon Organizations documentation that accompanied the launch of the new service. | February 17, 2017 |