All posts by Raymond Ma

AWS Organizations now requires email address verification in order to invite accounts to an organization

Post Syndicated from Raymond Ma original https://aws.amazon.com/blogs/security/aws-organizations-now-requires-email-address-verification/

AWS Organizations, the service for centrally managing multiple AWS accounts, enables you to invite existing accounts to join your organization. To provide additional assurance about your organization’s identity to AWS accounts that you invite, AWS Organizations is adding a new feature. Beginning on September 27, 2018, you’ll need to verify the email address associated with your organization’s master account before you invite existing accounts to join your organization. To prepare for this feature, you may verify the email address associated with your master account starting today.

If you need to change your master account email address prior to verifying it, please see Managing an AWS Account.

How to verify your master account email address

To verify your master account email address, follow these steps:

  1. Navigate to the Organizations console and choose the Settings tab.
  2. From the Organization details section of the settings page, choose Send verification request.
    Figure 1: Sending the verification request

    Figure 1: Sending the verification request

    You’ll receive a pop-up notification confirming that a verification email has been sent to the email address associated with your master account.

    Figure 2: Confirmation of verification email

    Figure 2: Notification of sent email

  3. Log into your email account and look for an email from AWS with the subject line AWS Organizations email verification request.
  4. Open the email and choose Verify your email address.
    Figure 3: Verification link in email

    Figure 3: Email verification link

  5. If you don’t have an active AWS session, log back into your AWS account. You should see a notification that your email address has been successfully verified. You’ll now be able to invite accounts to join your organization.
    Figure 4: Notification of successful verification

    Figure 4: Notification of successful verification

Summary

To provide additional security assurance to AWS accounts that are invited to join an organization, AWS Organizations will require email verification for organization master accounts starting September 27, 2018. To verify your master account email address and invite AWS accounts to join your organization, sign in to the Organizations console and follow the steps I’ve outlined in this post.

If you have comments about this post, submit them in the Comments section below. If you have questions about or issues implementing this solution, start a new thread on the Organizations forum or contact AWS Support..

Want more AWS Security news? Follow us on Twitter.

Raymond Ma

Raymond is a Senior Technical Product Manager on the AWS Identity team covering AWS Organizations and Accounts. Outside of work, he enjoys taking care of his dog, Merlin, and volunteering with King County Search and Rescue.