- AWS Administration Cookbook
- Lucas Chan Rowan Udell
- 173字
- 2021-07-09 18:18:36
Accessing the member account
Once you've created your member account, it's time to put it to work!
An IAM role will be present in the new account, with a default name of OrganizationAccountAccessRole. This is so you can assume the role (from your master account) and administer the member account. While this name is as good as any, it can be configured by passing the --role-name argument when creating the account.
In order to assume the role, you need to know its Amazon Resource Name (ARN). Working out the ARN is a multi-step process:
- List your member accounts by running the following command in your master account:
aws organizations list-accounts
- Find the account you created (by its name) and note the ID value in the record. Using that ID, generate the role's ARN by following this pattern:
arn:aws:iam::<your-member-account-
id>:role/OrganizationAccountAccessRole
- If you have changed the created role's name, update the last part of the ARN accordingly.
See the recipes in Chapter 8, Security and Identity for information on how to best manage multiple accounts.
推薦閱讀
- 3D Printing with RepRap Cookbook
- Java實用組件集
- 手把手教你玩轉RPA:基于UiPath和Blue Prism
- 數據產品經理:解決方案與案例分析
- 統計策略搜索強化學習方法及應用
- Embedded Programming with Modern C++ Cookbook
- Building a BeagleBone Black Super Cluster
- Flink原理與實踐
- IBM? SmartCloud? Essentials
- 智能鼠原理與制作(進階篇)
- Cortex-M3嵌入式處理器原理與應用
- 樂高創意機器人教程(中級 上冊 10~16歲) (青少年iCAN+創新創意實踐指導叢書)
- 大型機系統應用基礎
- 教育創新與創新人才:信息技術人才培養改革之路(四)
- CPLD/FPGA技術應用