Put Admin Account
fms_put_admin_account | R Documentation |
Creates or updates an Firewall Manager administrator account¶
Description¶
Creates or updates an Firewall Manager administrator account. The
account must be a member of the organization that was onboarded to
Firewall Manager by associate_admin_account
. Only the organization's
management account can create an Firewall Manager administrator account.
When you create an Firewall Manager administrator account, the service
checks to see if the account is already a delegated administrator within
Organizations. If the account isn't a delegated administrator, Firewall
Manager calls Organizations to delegate the account within
Organizations. For more information about administrator accounts within
Organizations, see Managing the Amazon Web Services Accounts in Your
Organization.
Usage¶
Arguments¶
AdminAccount
[required] The Amazon Web Services account ID to add as an Firewall Manager administrator account. The account must be a member of the organization that was onboarded to Firewall Manager by
associate_admin_account
. For more information about Organizations, see Managing the Amazon Web Services Accounts in Your Organization.AdminScope
Configures the resources that the specified Firewall Manager administrator can manage. As a best practice, set the administrative scope according to the principles of least privilege. Only grant the administrator the specific resources or permissions that they need to perform the duties of their role.
Value¶
An empty list.
Request syntax¶
svc$put_admin_account(
AdminAccount = "string",
AdminScope = list(
AccountScope = list(
Accounts = list(
"string"
),
AllAccountsEnabled = TRUE|FALSE,
ExcludeSpecifiedAccounts = TRUE|FALSE
),
OrganizationalUnitScope = list(
OrganizationalUnits = list(
"string"
),
AllOrganizationalUnitsEnabled = TRUE|FALSE,
ExcludeSpecifiedOrganizationalUnits = TRUE|FALSE
),
RegionScope = list(
Regions = list(
"string"
),
AllRegionsEnabled = TRUE|FALSE
),
PolicyTypeScope = list(
PolicyTypes = list(
"WAF"|"WAFV2"|"SHIELD_ADVANCED"|"SECURITY_GROUPS_COMMON"|"SECURITY_GROUPS_CONTENT_AUDIT"|"SECURITY_GROUPS_USAGE_AUDIT"|"NETWORK_FIREWALL"|"DNS_FIREWALL"|"THIRD_PARTY_FIREWALL"|"IMPORT_NETWORK_FIREWALL"|"NETWORK_ACL_COMMON"
),
AllPolicyTypesEnabled = TRUE|FALSE
)
)
)