- Newest
- Most votes
- Most comments
Hello,
When you create an organization, you have the management account (the account that created the organization) and the member account (any other account). To prevent this error, you must create a member account and then delegate that account as the administrator.
Hi @Julian. Thank you for your reply.
Since I don't need another account right now, is there any strong reason I should delegate an administrator? I'm struggling to understand what the purpose of doing this is, even if I had multiple accounts? What happens if I just don't delegate, what are the implications?
Edit: Ahh, not to worry I found the answer. In the docs. I definitely don’t need to delegate :)
*Enabling delegated administration provides the following benefits:
-
Minimizes the number of people who require access to the management account to help mitigate security concerns
-
Allows select administrators to assign users and groups to applications and to your organization's member accounts*
Relevant content
- asked a year ago
- asked 4 months ago
- Accepted Answerasked 9 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 4 years ago
You are not required to create a delegated administrator. It's a recommended security best practice. Here is more detail about delegated administrator: https://docs.aws.amazon.com/singlesignon/latest/userguide/delegated-admin.html