1 Answer
- Newest
- Most votes
- Most comments
1
Only the management account has access to create AWS accounts in the AWS organization, invite other existing accounts to the AWS organization, remove accounts from the AWS organization and move accounts to different OUs. Hence, this role could not be delegated to another member account. Hence, you should follow the security best practices for your Org Management account. Please refer here for more details.
Please refer here for the list of services that supports delegated admin.
Thank you
Relevant content
- asked 2 years ago
- asked 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 4 years ago
This announcement you mentioned is only relevant for AWS SSO service (that SSO management can be delegated to another account in the Org, and it doesn't have to be existing Management Payer account anymore, as it used to be in the past).