:doc:`IAM <../../iam>` / Client / enable_organizations_root_credentials_management

************************************************
enable_organizations_root_credentials_management
************************************************



.. py:method:: IAM.Client.enable_organizations_root_credentials_management()

  

  Enables the management of privileged root user credentials across member accounts in your organization. When you enable root credentials management for `centralized root access <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html#id_root-user-access-management>`__, the management account and the delegated administrator for IAM can manage root user credentials for member accounts in your organization.

   

  Before you enable centralized root access, you must have an account configured with the following settings:

   

  
  * You must manage your Amazon Web Services accounts in `Organizations <https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html>`__.
   
  * Enable trusted access for Identity and Access Management in Organizations. For details, see `IAM and Organizations <https://docs.aws.amazon.com/organizations/latest/userguide/services-that-can-integrate-iam.html>`__ in the *Organizations User Guide*.
  

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableOrganizationsRootCredentialsManagement>`_  


  **Request Syntax**
  ::

    response = client.enable_organizations_root_credentials_management()
    
    
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'OrganizationId': 'string',
          'EnabledFeatures': [
              'RootCredentialsManagement'|'RootSessions',
          ]
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **OrganizationId** *(string) --* 

        The unique identifier (ID) of an organization.

        
      

      - **EnabledFeatures** *(list) --* 

        The features you have enabled for centralized root access.

        
        

        - *(string) --* 
    
  
  **Exceptions**
  
  *   :py:class:`IAM.Client.exceptions.ServiceAccessNotEnabledException`

  
  *   :py:class:`IAM.Client.exceptions.AccountNotManagementOrDelegatedAdministratorException`

  
  *   :py:class:`IAM.Client.exceptions.OrganizationNotFoundException`

  
  *   :py:class:`IAM.Client.exceptions.OrganizationNotInAllFeaturesModeException`

  
  *   :py:class:`IAM.Client.exceptions.CallerIsNotManagementAccountException`

  