- Newest
- Most votes
- Most comments
Do you mean that the AWS Organizations management console shows something about the OU hierarchy when you switch your role away from the management account and into one of the member accounts or even an account outside the organisation?
AWS Organizations doesn't support that type of cross-account access. The Organizations APIs cannot be authorised to be called by principals in accounts other than the management account. This is documented in this article: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html in that resource-based policies aren't supported.
If your browser console shows some traces of the contents showed while you were logged in to the management account, that's just the browser retaining some of what it loaded before. There's no way an external account could query data about your AWS Organizations org.
Relevant content
- Accepted Answerasked 2 years ago
- AWS OFFICIALUpdated 4 years ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 years ago
yes the trace is it shows the OU account names that you give it when you are managing them from the managment account. But it might be the borwser as you mentioned, i am not sure if this is a good way to handle the accounts info. but anyway thank you for replying. please do comment on this if you give a try and check it for yourself Leo