Resource Schema for ProServe::Organizations::Account
To declare this entity in your AWS CloudFormation template, use the following syntax:
{
"Type" : "ProServe::Organizations::Account",
"Properties" : {
"AccountName" : String,
"AccountEmail" : String,
"OrganizationalUnitId" : String,
"AlternateContacts" : AlternateContacts,
"OrganizationAccountAccessRoleName" : String,
"DeploymentAccountConfiguration" : DeploymentAccountConfiguration,
"Tags" : [ Tag, ... ],
"NotificationTopicArn" : String,
"CloseAccountOnDeletion" : Boolean
}
}
Type: ProServe::Organizations::Account
Properties:
AccountName: String
AccountEmail: String
OrganizationalUnitId: String
AlternateContacts: AlternateContacts
OrganizationAccountAccessRoleName: String
DeploymentAccountConfiguration: DeploymentAccountConfiguration
Tags:
- Tag
NotificationTopicArn: String
CloseAccountOnDeletion: Boolean
The friendly name of the member account.
Required: Yes
Type: String
Update requires: No interruption
The email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account. You must use a valid email address to complete account creation. You can't access the root user of the account or remove an account that was created with an invalid email address.
Required: Yes
Type: String
Update requires: No interruption
The unique identifier (ID) of the root or organizational unit that you want to create the account in.
Required: Yes
Type: String
Update requires: No interruption
(Optional) Alternate contacts to be set
Required: No
Type: AlternateContacts
Update requires: No interruption
The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.
If you don't specify this parameter, the role name defaults to OrganizationAccountAccessRole.
Required: No
Type: String
Update requires: Replacement
(Optional) A dedicated deployment account can be used to further enhance security. This configuration creates a second role within the newly created account. This role trusts the given deployment account, allowing users in the given deployment account to assume the role.
Required: No
Type: DeploymentAccountConfiguration
Update requires: Replacement
One or more tags.
Required: No
Type: List of Tag
Update requires: No interruption
The SNS topic ARN to which to publish failure reasons.
Required: No
Type: String
Update requires: No interruption
If set to true account will be closed by AWS CloudFormation. Otherwise, just parked in root organizational unit.
Required: No
Type: Boolean
Update requires: No interruption
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the AccountId.
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
The unique identifier (ID) of the account.
The unique identifier (ID) of the account creation request.