Listing of Org Accounts

Our AWS integration allows us to automatically list all the accounts available under the organization in AWS.

To enable Delinea to list all accounts, ensure that the management account grants our role the necessary permissions.

If manually installing the role, add the following permissions:

  • organizations:DescribeOrganization
  • organizations:ListAccounts
  • organizations:ListTagsForResource
  • organizations:ListOrganizationalUnitsForParent

If you installed the Identity Center integration, these permissions are already included.

Once the permissions are granted, open the integration screen under Discovery > Sources and leave the Account Number field empty so that the system discovers accounts automatically.
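To confirm that a manually installed role carries the four permissions listed above and nothing broader in the organizations namespace, the following added example (not Delinea's code) audits an IAM policy document offline. The function names and sample policies are constructed for illustration, and Resource, Condition and NotAction are not evaluated.

```python
import fnmatch
import json

# The four actions the page lists for account discovery.
REQUIRED = {
    "organizations:DescribeOrganization",
    "organizations:ListAccounts",
    "organizations:ListTagsForResource",
    "organizations:ListOrganizationalUnitsForParent",
}

def _as_list(value):
    # IAM allows a single item or a list for Statement and Action.
    return [value] if isinstance(value, (str, dict)) else list(value or [])

def _matches(action, patterns):
    # IAM action names are case-insensitive; * and ? are wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def audit_policy(policy_json):
    """Return (missing, broad) for an identity policy document.

    missing: required actions not allowed, or hit by an explicit Deny.
    broad:   Allow patterns covering organizations actions beyond the four.
    Simplification: Resource, Condition and NotAction are not evaluated.
    """
    allowed, denied = [], []
    for st in _as_list(json.loads(policy_json).get("Statement")):
        bucket = allowed if st.get("Effect") == "Allow" else denied
        bucket.extend(_as_list(st.get("Action")))
    missing = sorted(a for a in REQUIRED
                     if not _matches(a, allowed) or _matches(a, denied))
    exact = {a.lower() for a in REQUIRED}
    broad = sorted(p for p in allowed if p.lower() not in exact
                   and (p == "*" or p.lower().startswith("organizations:")))
    return missing, broad

def _policy(*actions):
    # Constructed sample policy, not taken from the vendor's template.
    return json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": list(actions), "Resource": "*"}]})

MINIMAL = _policy(*sorted(REQUIRED))
WILDCARD = _policy("organizations:*")
PARTIAL = _policy("organizations:ListAccounts", "organizations:DescribeOrganization")

if __name__ == "__main__":
    for name, doc in [("minimal", MINIMAL), ("wildcard", WILDCARD), ("partial", PARTIAL)]:
        print(name, audit_policy(doc))
```

An empty `missing` list means discovery has what it needs; a non-empty `broad` list marks grants such as `organizations:*` that exceed the four read-only actions and should be narrowed.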