Skip to content
This repository has been archived by the owner on Oct 2, 2023. It is now read-only.

organizations:ListAccounts #23

Open
ekkards opened this issue Nov 15, 2017 · 3 comments
Open

organizations:ListAccounts #23

ekkards opened this issue Nov 15, 2017 · 3 comments

Comments

@ekkards
Copy link
Contributor

ekkards commented Nov 15, 2017

Even when the permission is granted via policy, the operation may fail with AccessDeniedException

  • Service: organizations
  • Action: ListAccounts

This apparently can happen, if the operation is called from within an account, which is subordinated to another account, eg. for consolidated billing. Then the organization hierarchy supersedes the assigned permission.
@michaelwittig
Copy link
Contributor

Just to make sure that I understand this: The API actions only work in the org's root account ?

@ekkards
Copy link
Contributor Author

ekkards commented Nov 18, 2017

The API action ListAccounts works in the org's root account,
it does not work in the account, which has consolidated billing to the root account.
No information about other situations, i.e. not sure about "only".

@kalinon
Copy link

kalinon commented Jun 30, 2023

i am also seeing this behavior.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@michaelwittig @kalinon @ekkards