:doc:`IAM <../../iam>` / Client / enable_organizations_root_sessions

**********************************
enable_organizations_root_sessions
**********************************



.. py:method:: IAM.Client.enable_organizations_root_sessions()

  

  Allows the management account or delegated administrator to perform privileged tasks on member accounts in your organization. For more information, see `Centrally manage root access for member accounts <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html#id_root-user-access-management>`__ in the *Identity and Access Management User Guide*.

   

  Before you enable this feature, you must have an account configured with the following settings:

   

  
  * You must manage your Amazon Web Services accounts in `Organizations <https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html>`__.
   
  * Enable trusted access for Identity and Access Management in Organizations. For details, see `IAM and Organizations <https://docs.aws.amazon.com/organizations/latest/userguide/services-that-can-integrate-ra.html>`__ in the *Organizations User Guide*.
  

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableOrganizationsRootSessions>`_  


  **Request Syntax**
  ::

    response = client.enable_organizations_root_sessions()
    
    
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'OrganizationId': 'string',
          'EnabledFeatures': [
              'RootCredentialsManagement'|'RootSessions',
          ]
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **OrganizationId** *(string) --* 

        The unique identifier (ID) of an organization.

        
      

      - **EnabledFeatures** *(list) --* 

        The features you have enabled for centralized root access.

        
        

        - *(string) --* 
    
  
  **Exceptions**
  
  *   :py:class:`IAM.Client.exceptions.ServiceAccessNotEnabledException`

  
  *   :py:class:`IAM.Client.exceptions.AccountNotManagementOrDelegatedAdministratorException`

  
  *   :py:class:`IAM.Client.exceptions.OrganizationNotFoundException`

  
  *   :py:class:`IAM.Client.exceptions.OrganizationNotInAllFeaturesModeException`

  
  *   :py:class:`IAM.Client.exceptions.CallerIsNotManagementAccountException`

  