EnableOrganizationAdminAccount
Designates the Security Hub administrator account for an organization. Can only be called by the organization management account.
Request Syntax
POST /organization/admin/enable HTTP/1.1
Content-type: application/json
{
   "AdminAccountId": "string",
   "Feature": "string"
}URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- AdminAccountId
- 
               The AWS account identifier of the account to designate as the Security Hub administrator account. Type: String Pattern: .*\S.*Required: Yes 
- Feature
- 
               The feature for which the delegated admin account is enabled. Defaults to Security Hub if not specified. Type: String Valid Values: SecurityHub | SecurityHubV2Required: No 
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
   "AdminAccountId": "string",
   "Feature": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- AdminAccountId
- 
               The AWS account identifier of the account to designate as the Security Hub administrator account. Type: String Pattern: .*\S.*
- Feature
- 
               The feature where the delegated administrator is enabled. The default is Security Hub CSPM if no delegated administrator is specified in the request. Type: String Valid Values: SecurityHub | SecurityHubV2
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
- 
               You don't have permission to perform the action specified in the request. HTTP Status Code: 403 
- InternalException
- 
               Internal server error. HTTP Status Code: 500 
- InvalidAccessException
- 
               The account doesn't have permission to perform this action. HTTP Status Code: 401 
- InvalidInputException
- 
               The request was rejected because you supplied an invalid or out-of-range value for an input parameter. HTTP Status Code: 400 
- LimitExceededException
- 
               The request was rejected because it attempted to create resources beyond the current AWS account or throttling limits. The error code describes the limit exceeded. HTTP Status Code: 429 
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: