organizations_disable_aws_service_access: Disables the integration of an AWS service (the service that...

Description Usage Arguments Value Request syntax

View source: R/organizations_operations.R


Disables the integration of an AWS service (the service that is specified by ServicePrincipal) with AWS Organizations. When you disable integration, the specified service no longer can create a service-linked role in new accounts in your organization. This means the service can't perform operations on your behalf on any new accounts in your organization. The service can still perform operations in older accounts until the service completes its clean-up from AWS Organizations.

We recommend that you disable integration between AWS Organizations and the specified AWS service by using the console or commands that are provided by the specified service. Doing so ensures that the other service is aware that it can clean up any resources that are required only for the integration. How the service cleans up its resources in the organization's accounts depends on that service. For more information, see the documentation for the other AWS service.

After you perform the disable_aws_service_access operation, the specified service can no longer perform operations in your organization's accounts unless the operations are explicitly permitted by the IAM policies that are attached to your roles.

For more information about integrating other services with AWS Organizations, including the list of services that work with Organizations, see Integrating AWS Organizations with Other AWS Services in the AWS Organizations User Guide.

This operation can be called only from the organization's management account.





[required] The service principal name of the AWS service for which you want to disable integration with your organization. This is typically in the form of a URL, such as


An empty list.

Request syntax

  ServicePrincipal = "string"
) documentation built on Aug. 23, 2021, 9:11 a.m.