Once you've created your member account, it's time to put it to work!
An IAM role will be present in the new account, with a default name of OrganizationAccountAccessRole. This is so you can assume the role (from your master account) and administer the member account. While this name is as good as any, it can be configured by passing the --role-name argument when creating the account.
In order to assume the role, you need to know its Amazon Resource Name (ARN). Working out the ARN is a multi-step process:
- List your member accounts by running the following command in your master account:
aws organizations list-accounts
- Find the account you created (by its name) and note the ID value in the record. Using that ...