AWS Security ChangesHomeSearch

AWS organizations documentation change

Service: organizations · 2025-04-25 · Documentation low

File: organizations/latest/userguide/orgs_reference_available-policies.md

Summary

Updated AWSOrganizationsFullAccess policy documentation to include new account name management permissions.

Security assessment

Adds documentation for IAM policy changes granting `account:GetAccountInformation` and `account:PutAccountName` actions. While these relate to access control (a security feature), there is no evidence this addresses a specific security vulnerability. The change documents expanded policy capabilities for account name management.

Diff

diff --git a/organizations/latest/userguide/orgs_reference_available-policies.md b/organizations/latest/userguide/orgs_reference_available-policies.md
index 06f49d3ca..9502893bd 100644
--- a//organizations/latest/userguide/orgs_reference_available-policies.md
+++ b//organizations/latest/userguide/orgs_reference_available-policies.md
@@ -42,0 +43 @@ Change | Description | Date
+[AWSOrganizationsFullAccess](https://console.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/AWSOrganizationsFullAccess$jsonEditor) – updated to allow account API permissions required to view or modify an account name via the Organizations console. |  Added the `account:GetAccountInformation` action to enable access to view the account name of any account in an organization and the `account:PutAccountName` action to enable access to modify any account name in an organization. |  April 22, 2025