Linux command
aws-organizations 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Describe the organization
aws organizations describe-organization
List all accounts
aws organizations list-accounts
List organizational units
aws organizations list-organizational-units-for-parent --parent-id [r-xxxx|ou-xxxx-xxxxxxxx]
Create a new account
aws organizations create-account --account-name "[Account Name]" --email [admin@example.com]
Move an account
aws organizations move-account --account-id [123456789012] --source-parent-id [ou-source] --destination-parent-id [ou-dest]
List policies
aws organizations list-policies --filter SERVICE_CONTROL_POLICY
Attach a policy
aws organizations attach-policy --policy-id [p-xxxxxxxx] --target-id [account-id|ou-id]
List accounts for a parent
aws organizations list-accounts-for-parent --parent-id [ou-xxxx-xxxxxxxx]
说明
aws organizations is a subcommand of the AWS CLI that manages AWS Organizations, a service for centrally managing multiple AWS accounts. It enables consolidated billing, account creation, and policy-based governance. Organizations have a hierarchical structure: a root containing organizational units (OUs) and accounts. Service Control Policies (SCPs) set permission guardrails that apply to all principals in target accounts or OUs, restricting what actions can be performed. The management account (formerly master) creates and controls the organization. Member accounts can be created within the organization or invited from existing accounts.
参数
- describe-organization
- Get organization details and features.
- list-accounts
- List all accounts in the organization.
- list-roots
- List organization roots.
- list-organizational-units-for-parent
- List OUs under a parent.
- list-accounts-for-parent
- List accounts directly in an OU.
- create-account
- Create a new member account.
- create-organizational-unit
- Create a new OU.
- move-account
- Move account between OUs.
- list-policies
- List policies of a given type.
- create-policy
- Create a new policy.
- attach-policy
- Attach policy to a target.
- detach-policy
- Remove policy from a target.
- describe-account
- Get account details.
- --parent-id _id_
- Root or OU identifier.
- --account-id _id_
- 12-digit AWS account ID.
- --policy-id _id_
- Policy identifier.
- --target-id _id_
- Account, OU, or root to target.
- --filter _type_
- Policy type filter: SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY.
FAQ
What is the aws-organizations command used for?
aws organizations is a subcommand of the AWS CLI that manages AWS Organizations, a service for centrally managing multiple AWS accounts. It enables consolidated billing, account creation, and policy-based governance. Organizations have a hierarchical structure: a root containing organizational units (OUs) and accounts. Service Control Policies (SCPs) set permission guardrails that apply to all principals in target accounts or OUs, restricting what actions can be performed. The management account (formerly master) creates and controls the organization. Member accounts can be created within the organization or invited from existing accounts.
How do I run a basic aws-organizations example?
Run `aws organizations describe-organization` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does describe-organization do in aws-organizations?
Get organization details and features.